[Serusers] how not to store clear text passwd in database - sr-users - kamailio.org

List overview All Threads
Download

[Serusers] how not to store clear text passwd in database

[Serusers] voicemail and missed...

[Serusers] proxy-authenticate

Rao

8 May 2004 8 May '04

7:45 a.m.

Hi,

Is there a way not to store clear text passwd in the database ? I cannot find an option to serctl to do this.

Thanks.

Rao.

--------------------------------- Do you Yahoo!? Win a $20,000 Career Makeover at Yahoo! HotJobs

Attachments:

attachment.html (text/html — 530 bytes)

Reply

Show replies by date

Jiri Kuthan

8 May 8 May

11:40 a.m.

At 09:45 AM 5/8/2004, Rao wrote:

Hi,

Is there a way not to store clear text passwd in the database ? I cannot find an option to serctl to do this.

serctl stores both clear-text and HA1.

-jiri

Reply

Rao

10 May 10 May

5:20 a.m.

Jiri Thanks. Is there a way to not store the passwd in clear and make everything work. if so how ?.

Thanks.

Rao.

Jiri Kuthan jiri@iptel.org wrote: At 09:45 AM 5/8/2004, Rao wrote:

Hi,

Is there a way not to store clear text passwd in the database ? I cannot find an option to serctl to do this.

serctl stores both clear-text and HA1.

-jiri

--------------------------------- Do you Yahoo!? Win a $20,000 Career Makeover at Yahoo! HotJobs

Reply

Jan Janak

6:33 a.m.

Yes, set the following: modparam("auth_db", "calculate_ha1", no) and comment modparam("auth_db", "password_column", "password")

SER will then get the HA1 string from the ha1 column of subscriber table. After that you can erase the contents of password column.

Make sure that your realm (the first parameter of www_authorize and www_challenge) is the same as the domain column of subscriber table. The realm value is hashed in the HA1 string as well and it will not authenticate if it is different (such errors are hard to find).

Jan.

On 09-05 22:20, Rao wrote:

Jiri Thanks. Is there a way to not store the passwd in clear and make everything work. if so how ?.

Thanks.

Rao.

Jiri Kuthan jiri@iptel.org wrote: At 09:45 AM 5/8/2004, Rao wrote:

...
Hi,

Is there a way not to store clear text passwd in the database ? I cannot find an option to serctl to do this.

serctl stores both clear-text and HA1.

-jiri

Do you Yahoo!? Win a $20,000 Career Makeover at Yahoo! HotJobs _______________________________________________ Serusers mailing list serusers@lists.iptel.org http://lists.iptel.org/mailman/listinfo/serusers

Reply

Jiri Kuthan

12:02 p.m.

make serweb and serctl store only the HA1 password. Configure SER to use HA1 password only (I don't remember exact config, check module READMEs)

-jiri

At 07:20 AM 5/10/2004, Rao wrote:

Jiri Thanks. Is there a way to not store the passwd in clear and make everything work. if so how ?.

Thanks.

Rao.

Jiri Kuthan jiri@iptel.org wrote: At 09:45 AM 5/8/2004, Rao wrote:

...
Hi,

Is there a way not to store clear text passwd in the database ? I cannot find an option to serctl to do this.

serctl stores both clear-text and HA1.

-jiri

Do you Yahoo!? http://pa.yahoo.com/*http://us.rd.yahoo.com/hotjobs/hotjobs_mail_signature_footer_textlink/evt=23983/*http://hotjobs.sweepstakes.yahoo.com/careermakeoverWin a $20,000 Career Makeover at Yahoo! HotJobs

-- Jiri Kuthan http://iptel.org/~jiri/

Reply

7748

Age (days ago)

7750

Last active (days ago)

sr-users@lists.kamailio.org

4 comments

3 participants

tags (0)

participants (3)

Jan Janak
Jiri Kuthan
Rao