[SR-Users] Sync nonce between various servers
Carsten Bock
carsten at ng-voice.com
Mon Nov 19 15:40:17 CET 2012
Maybe we should merge the docs from 1.5, the docs are much better:
"Secret phrase used to calculate the nonce value.
The default is to use a random value generated from the random source
in the core.
If you use multiple servers in your installation, and would like to
authenticate on the second server against the nonce generated at the
first one its necessary to explicitly set the secret to the same value
on all servers. However, the use of a shared (and fixed) secret as
nonce is insecure, much better is to stay with the default. Any
clients should send the reply to the server that issued the request."
2012/11/19 Andreas Granig <agranig at sipwise.com>:
> Thanks Olle and Carsten,
>
> On 11/19/2012 03:27 PM, Carsten Bock wrote:
>> short question:
>> Why don't you use a shared secret to create a nonce value?
>>
>> http://kamailio.org/docs/modules/devel/modules/auth.html#auth.secret
>
> I've noticed this "secret" parameter, but the documentation is a bit
> brief on the exact meaning of it, thus my question on the list.
>
> If this setting is really doing what we all think it is doing, then
> that'll be great! :)
>
> I'll just try it out...
>
> Andreas
>
>
> _______________________________________________
> SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
> sr-users at lists.sip-router.org
> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
>
--
Carsten Bock
CEO (Geschäftsführer)
ng-voice GmbH
Schomburgstr. 80
D-22767 Hamburg / Germany
http://www.ng-voice.com
mailto:carsten at ng-voice.com
Office +49 40 34927219
Fax +49 40 34927220
Sitz der Gesellschaft: Hamburg
Registergericht: Amtsgericht Hamburg, HRB 120189
Geschäftsführer: Carsten Bock
Ust-ID: DE279344284
Hier finden Sie unsere handelsrechtlichen Pflichtangaben:
http://www.ng-voice.com/imprint/
More information about the sr-users
mailing list