This article will cover the process of IAX clients configuration in Asterisk.
There are three authentication methods that are supported: MD5, plaintext and RSA. The least secure is “plaintext”, which sends passwords cleartext across the net. “md5” uses a challenge/response md5 sum arrangement, but still requires both ends have plain text access to the secret. “rsa” allows unidirectional secret knowledge through public/private keys. If “rsa” authentication is used, “inkeys” is a list of acceptable public keys on the local system that can be used to authenticate the remote peer, separated by the “:” character. “outkey” is a single, private key to use to authenticate to the other side.
Public keys are named /var/lib/asterisk/keys/<name>.pub while private keys are named /var/lib/asterisk/keys/<name>.key. Private keys should always be 3DES encrypted. Continue reading