Man Linux: Main Page and Category List


       astgenkey -- generates keys for for Asterisk IAX2 RSA authentication


       astgenkey [ -q ] [ -n ] [ keyname ]


       astgenkey  This  script generates an RSA private and public key pair in
       PEM format for use by Asterisk.  The  private  key  should  be  kept  a
       secret,  as  it  can  be  used to fake your system’s identity.  Thus by
       default (without the option -n ) the script will create  a  passphrase-
       encrypted  copy of your secret key: without entering the passphrase you
       won’t be able to use it.

       However if you want to use such a key with  Asterisk,  you’ll  have  to
       start  it  interactively, because the scripts that start asterisk can’t
       use that encrypted key.

       The key is identified by a name. If you don’t write  the  name  on  the
       command-line you’ll be prompted for one. The outputs of the script are:
              The public key: not secret. Send this to the other side.

              The private key: secret.

       Those files should be copied to /var/lib/asterisk/keys

       (The private key: on your system. The public key: on other systems)

       To see the currently-installed keys from  the  asterisk  CLI,  use  the

              show keys


              Run quietly.

              Don’t encrypt the private key.


       The  keys are created, using the umask of the user running the command.
       To create the keys in a secure manner, you should check to ensure  that
       your  umask  is first set to disallow the private key from being world-
       readable, such as with the following commands:

       umask 0066

       astgenkey yourkey

       And then make the key accessible to Asterisk (assuming you  run  it  as
       user "asterisk").

         chown asterisk /var/lib/asterisk/keys/yourname.*




       asterisk(8), genrsa(1), rsa(1),


       This     manual     page     was     written     by    Tzafrir    Cohen
       <> Permission is granted  to  copy,  distribute
       and/or  modify  this document under the terms of the GNU General Public
       License, Version 2 any later version published  by  the  Free  Software

       On  Debian systems, the complete text of the GNU General Public License
       can be found in /usr/share/common-licenses/GPL.