Cisco Systems Linksys PAP2 Manual De Usuario
An encrypted CFG file requires either a password (or quoted pass-phrase) or a hex-string. The
following lines illustrate command-line invocations for various combinations of keys and algorithms.
spc –-rc4 –-ascii-key apple4sale pap2.txt pap2.cfg
spc –-aes –-ascii-key lucky777 pap2.txt pap2.cfg
spc –-aes –-ascii-key “my secret phrase” pap2.txt pap2.cfg
spc –-aes –-hex-key 8d23fe7...a5c29 pap2.txt pap2.cfg
spc –-aes –-ascii-key lucky777 pap2.txt pap2.cfg
spc –-aes –-ascii-key “my secret phrase” pap2.txt pap2.cfg
spc –-aes –-hex-key 8d23fe7...a5c29 pap2.txt pap2.cfg
A CFG file can be both targeted and key encrypted, as suggested by the following example:
spc –-target 000e08aaa010 –-aes –-hex-key 9a20...eb47 a.txt a.cfg
The status messages printed by spc can be suppressed with the “--quiet” command line option. Or
they can be redirected to a file, with the “--log file_name” command line option. In the latter case, the
spc command line invocation itself is also printed in the log file, preceded by a timestamp.
spc –-quiet . . .
spc –-log prov.log . . .
spc –-log prov.log . . .
3.1.2.
Encrypting and Compressing XML configuration files
The Linksys PHONE ADAPTER supports encrypted XML configuration profiles. This can be used for
subsequent configuration files stored on or generated by either TFTP or HTTP servers. When used
in concert with HTTPS for initial config, this provides complete security, but only uses the HTTPS
server for initial enrollment. For example, an example configuration file in XML setup to download an
encrypted XML file via HTTP looks like this:
<flat-profile>
<Profile_Rule>[--key $B] http://config.provider.net/linksys/established/$MA.xml
</Profile_Rule>
<Resync_Periodic>86400</Resync_Periodic>
<GPP_B >9b4cef5677a129</GPP_B>
<Admin_Passwd>9b4cef5677a129</Admin_Passwd>
<Proxy_1_>sip.provider.net</Proxy_1_>
<User_ID_1_>1234567890</User_ID_1_>
<Password_1_>YhJ89_Luk4E</Password_1_>
<Display_Name_1_>1234567890</Display_Name_1_>
<Line_Enable_2_>0</Line_Enable_2_>
</flat-profile>
An XML configuration file can be encrypted using the openssl command line utility as shown below.
(Note that aes encryption is available beginning with OpenSSL versions 0.9.7. OpenSSL is freely
available from http://www.openssl.org )
openssl aes-256-cbc -e -in cleartextconfig -out encryptedconfig -k 9b4cef5677a129
subsequent configuration files stored on or generated by either TFTP or HTTP servers. When used
in concert with HTTPS for initial config, this provides complete security, but only uses the HTTPS
server for initial enrollment. For example, an example configuration file in XML setup to download an
encrypted XML file via HTTP looks like this:
<flat-profile>
<Profile_Rule>[--key $B] http://config.provider.net/linksys/established/$MA.xml
</Profile_Rule>
<Resync_Periodic>86400</Resync_Periodic>
<GPP_B >9b4cef5677a129</GPP_B>
<Admin_Passwd>9b4cef5677a129</Admin_Passwd>
<Proxy_1_>sip.provider.net</Proxy_1_>
<User_ID_1_>1234567890</User_ID_1_>
<Password_1_>YhJ89_Luk4E</Password_1_>
<Display_Name_1_>1234567890</Display_Name_1_>
<Line_Enable_2_>0</Line_Enable_2_>
</flat-profile>
An XML configuration file can be encrypted using the openssl command line utility as shown below.
(Note that aes encryption is available beginning with OpenSSL versions 0.9.7. OpenSSL is freely
available from http://www.openssl.org )
openssl aes-256-cbc -e -in cleartextconfig -out encryptedconfig -k 9b4cef5677a129
© 2004 Linksys Proprietary (See Copyright Notice on Page 2)
24