From d2daba25f750a6e0bf815b16fb7934372992e5ba Mon Sep 17 00:00:00 2001
From: Tilghman Lesher <tilghman@meg.abyt.es>
Date: Tue, 8 Apr 2008 16:54:21 +0000
Subject: [PATCH] Merged revisions 113399 via svnmerge from
 https://origsvn.digium.com/svn/asterisk/branches/1.4

........
r113399 | tilghman | 2008-04-08 11:51:28 -0500 (Tue, 08 Apr 2008) | 6 lines

Add security note on astgenkey's manpage.
(closes issue #12373)
 Reported by: lmamane
 Patches:
       20080406__bug12373.diff.txt uploaded by Corydon76 (license 14)

........


git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@113400 65c4cc65-6c06-0410-ace0-fbb531ad65f3
---
 contrib/scripts/astgenkey.8 | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/contrib/scripts/astgenkey.8 b/contrib/scripts/astgenkey.8
index 8f83259827..328a4d2596 100644
--- a/contrib/scripts/astgenkey.8
+++ b/contrib/scripts/astgenkey.8
@@ -109,6 +109,21 @@ Run quietly.
 Don't encrypt the private key.
 .RE
 
+.SH SECURITY
+The keys are created, using the umask of the user running the command.
+To create the keys in a secure manner, you should check to ensure that
+your umask is first set to disallow the private key from being world-
+readable, such as with the following commands:
+
+.I umask 0066
+
+.I astgenkey yourkey
+
+And then make the key accessible to Asterisk (assuming you run it as
+user "asterisk").
+
+  chown asterisk /var/lib/asterisk/keys/yourname.*
+
 .SH FILES
 .I /var/lib/asterisk/keys
 .RS
-- 
GitLab