Home | Hardware | Internet News |Web Hosting |IT Management |Network Storage
LinuxPlanet
Search 
  Power Search | Tips 

 Front Door
 Discussion
 LinuxEngine
 Opinions
 Reports
 Reviews
 Tutorials
 News
 Technology Jobs

 Browse by subject.
Free Newsletter

Linux Planet
 Linux Today
More Free Newsletters

Be a Commerce Partner



internet.com
IT
Developer
Internet News
Small Business
Personal Technology

Search internet.com
Advertise
Corporate Info
Newsletters
Tech Jobs
E-mail Offers
Print this article
Email this article
   LinuxPlanet / Reports






Securing Your Asterisk Server, Part 1
Password Management

Carla Schroder
Tuesday, July 18, 2006 02:53:36 PM

Strong passwords are fundamental defenses against intrusion. The world is chock-full of automated password crackers that crack easy passwords in seconds. Passwords should not be words, names, places, birthdates, Social Security numbers, or pet names. In other words, nothing that will be found in a dictionary, and nothing that can be related to you in any way. Cracker dictionaries even include common misspellings. Random sequences of letters, numbers, and punctuation marks are best, no fewer than eight characters.

How do you keep track of passwords? Do yourself a favor and ignore all the bad advice about memorizing them and never writing them down. Write them down and keep them in a safe place, like your wallet or a locked drawer. You don't have to take my word for it; no less a security guru than Bruce Schneier recommends this.

First we'll take care of the more important passwords and security holes.

CentOS Linux Password

The default login on your Asterisk@Home server is user "root"; the password is "password." This is the most important password of all, because this is the key to the kingdom. Log in on the command-line of the server and run the passwd command:

# passwd
Changing password for root
(current) UNIX password:
Enter new UNIX password:
Retype new UNIX password:
passwd: all authentication tokens updated successfully

passwd is a standard Linux command. All the rest of the password commands are Asterisk@Home commands.

Asterisk Management Portal Password

While you're still on the command line, run the passwd-maint script to change the password for the maint user, which controls AMP: 
# passwd-maint
-------------------------------------------
Set password for AMP web GUI and maint GUI
User: maint
-------------------------------------------


New password:
Re-type new password:
Updating password for user maint

A related user is wwwuser which also has AMP access, except it is blocked from using the Maintenance tab. Change it with this command: 

# passwd-amp

Disable Alt+F9

Hitting Alt+F9 on the Asterisk server bypasses the root login and takes you directly to the administration console, which does all the same things as AMP, but without all the pretty graphics. You might leave this alone if you are confident in your physical security. Remember the ancient Unix security dictum: "Anyone with physical access to the box owns it." To disable it, do this: 

# nano /usr/sbin/safe_asterisk
CONSOLE=no

Next: Using the Nano Text Editor »

Skip Ahead

1 The Importance of Passwords
2 Password Management
3 Using the Nano Text Editor





Linux is a trademark of Linus Torvalds.


internet.com home | search | help! | about us

Jupiter Online Media

internet.comearthweb.comDevx.commediabistro.comGraphics.com

Search:

Jupitermedia Corporation has two divisions: Jupiterimages and JupiterOnlineMedia

Jupitermedia Corporate Info


Legal Notices, Licensing, Reprints, & Permissions, Privacy Policy.

Web Hosting | Newsletters | Tech Jobs | Shopping | E-mail Offers