Asterisk passwords are scattered all over the place.

• In the channels configuration files for clients (phones)
• In the voicemail system for voicemailboxes
• In a separate file for the authenticate command
• In a file for the DISA command
• In the manager configuration file

It would be good if someone suggested a more clear and modular authentication architecture for Asterisk.

A system with

• Users
  • Password (strong) for client and manager authentication
  • Pin Code for telephony authentication (Voicemail)
• Roles
  • Manager?
  • Agent?
• Groups
  • Possible connection to context
• Aliases
  • Other SIP or TEL URL's that user can be reached on
• Connections
  • Account configurations for various channels, like SIP, IAX, MGCP, H.323

See also

• Asterisk administration
• Authenticate command: Authenticate a user
• Asterisk - documentation of application commands
• Asterisk authenticate using voicemail passwords

---

• Asterisk: Start page | Introduction | FAQ | Tips & Tricks