Securing Your Asterisk Server, Part 1 - The Importance of Passwords

At LinuxPlanet, the ever-prolific Carla Schroeder tells us how to help lock down Asterisk: Securing Your Asterisk Server, Part 1 - The Importance of Passwords.

Asterisk@Home ships with a bunch of default passwords that many people know. Moreover, it sends server administration traffic in the clear, rather than over HTTPS. This means that anyone on your local network could easily sniff out all those passwords after you go to the trouble of changing them. OpenSSH should be configured to use RSA key pairs instead of the root system login, which is both more secure and more convenient. Today's and next week's installments will tell all about how to do these things. Disconnect your Asterisk server from the network, and away we go.