YOu can store them as HA1 strings (see RFC2617 for details). Basically it is an MD5 hash of username, realm, and password. It is still not very secure, because if someone gets access to the string then he could authenticate using a modified SIP user agent, but at least people won't see the passwords by accident.
To enable this set:
modparam("auth_db", "calculate_ha1", no) modparam("auth_db", "password_column", "ha1")
You can generate the HA1 strings using gen_ha1 tool (which is installed with SER).
Jan.
Istvan Hubay Cebrian wrote:
Hi,
I am currently deploying SER on a Linksys WRT54GS v1.1 router. I am using dbtext for authentication purposes. Lately I noticed that the user’s passwords are stored as text. My question is: if there is anyway in which I could encrypt these passwords? May-be using another module? Any information will be much appreciated.
Thanks