[SR-Users] using bcrypt passwd hashing

[Yuriy Gorlichenko]

You can realize any of auth methods by yourself and include it via config
file/kemi on lua/by adding module

forexample I added SSO auth without any troubles instead of basid MD5 for
some projects.

2017-11-11 18:49 GMT+03:00 Alex Balashov <abalashov at evaristesys.com>:

> Do you know of any mainstream SIP UACs which support anything other than
> standard MD5 digest auth?
>
> On November 10, 2017 7:11:26 PM EST, "Walter Martín Villalba" <
> wvillalba at gmail.com> wrote:
> >Hello,
> >
> >I did some searches online and talked to some colleagues and it seems
> >Kamailio only supports the traditional HTTP digest authentication,
> >which
> >uses MD5. I would like to know if any of you has been successful in
> >using
> >bcrypt/scrypt/pbkdf2 passwd hashing, instead of MD5, which has been
> >deemed
> >as obsolete and insecure a long time ago. Perhaps you've written your
> >own
> >auth module, or just modified the config script to call some other
> >credential checking routine using a custom python/perl script (I'm
> >thinking
> >of doing the latter, of nothing better is available).
> >
> >If any of you have done something like this, using bcrypt or any other
> >current and secure hashing algorithm, I would appreciate some guidance.
> > If
> >you haven't, aren't you concerned about storing MD5 password hashes in
> >your
> >database?
> >
> >Note: if I can't find a good answer using this list, I will try the
> >developer's list next.
> >
> >Thanks in advance,
> >
> >Martín.
>
>
> -- Alex
>
> --
> Sent via mobile, please forgive typos and brevity.
>
> _______________________________________________
> Kamailio (SER) - Users Mailing List
> sr-users at lists.kamailio.org
> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.kamailio.org/pipermail/sr-users/attachments/20171112/6222f5ab/attachment.html>