Problem with file encryption thru asterisk PBX

Asterisk Asterisk General
1

Hello,
I have problem to encrypt file thru asterisk PBX.
I can encrypt a file when using GnuPG from the command line.
gpg -e -r cchla1021@yahoo.com record.gsm then tap enter.
It will generate record_mode.gsm.gpg encryption file.

But I failed to generate encryption file “record_mode.gsm.gpg” when I dial number 1234 into asterisk phone system.

/*******************************************************
This is my simple test extensions_custom script:
extensions_custom.conf
[from-internal-custom]
exten => 1234,1,SayDigits(1234)
exten => 1234,2,System(/var/lib/asterisk/sounds/dictate/test.pl)
exten => 1234,3,Wait(3)
exten => 1234,4,Hangup()
exten => h,1,Hangup()

/*******************************************************
My simple perl testing script
test.pl
#!/usr/bin/perl -w

my $pid = system(“gpg -e -r cchla1021@yahoo.com record_mode.gsm”);

waitpid $pid,0;
/*******************************************************

If I simply execute test.pl through command line, file can be encrypted and generate “record_mode.gsm.gpg”. :cry:

I’ve also changed test.pl ownership and user group to asterisk:asterisk as below command:
chown astersk:asterisk test.pl
chmod 777 test.pl

-rwxrwxrwx 1 asterisk asterisk 133 Jul 31 14:58 test.pl

Any input from everybody, I am greatly appreciate. I believe this small testing will also enlighten some people who wish to use GnuPG free open source for file encryption in asterisk system. :wink:

Joseph

2

Try adding the full path to the gsm file and specifying where you want the output. Or instead of using perl, use a shell script.

#!/bin/sh cd /var/lib/asterisk/sounds/dictate/ gpg -e -r cchla1021@yahoo.com record_mode.gsm

3

Problem still exist. It still fail to generate encryption file when I execute shell script as you recommend and dial number 1234 to execute shell script as below via asterisk pbx. If I execute shell script under console won’t have problem.

#!/bin/sh
gpg -e --yes -r cchla1021@yahoo.com /var/lib/asterisk/sounds/dictate/record_mode.gsm > /var/lib/asterisk/sounds/dictate/record_mode.gsm.gpg

Hi, Dave. Is that possible try this scenario on your Asterisk machine?

Almost run out of idea. Wish any one of you can contribute some precious idea to move forward.

Thank you Dave

4

Finally, figure it out. Here is the solution to share everybody.
Here is my testing test1.sh shell script

#!/bin/sh
gpg --homedir /var/lib/asterisk/.gnupg -r cchla1021@gmail.com --encrypt /var/lib/asterisk/sounds/dictate/record_mode.gsm

extensions_custom.conf

[from-internal-custom]
;exten => 1234,1,Playback(demo-congrats)
exten => 1234,1,SayDigits(1234)
exten => 1234,2,System(/var/lib/asterisk/sounds/dictate/test1.sh)
exten => 1234,3,Hangup()

One last very important thing that we need to remember to give enough permission to /var/lib/asterisk/.gnupg

root@pbx:/var/lib/asterisk $ ls -la
total 176

drwx------ 2 asterisk asterisk 4096 Jul 30 14:47 .gnupg

root@pbx:/var/lib/asterisk $ chmod 755 .gnupg
root@pbx:/var/lib/asterisk $ ls -la

drwxr-xr-x 2 asterisk asterisk 4096 Aug 1 17:16 .gnupg

root@pbx:/var/lib/asterisk $ cd .gnupg
root@pbx:/var/lib/asterisk/.gnupg $ ls -la
total 40
drwxr-xr-x 2 asterisk asterisk 4096 Aug 1 17:16 .
drwxr-xr-x 11 asterisk asterisk 4096 Jul 31 23:52 …
-rw------- 1 asterisk asterisk 9207 Jul 31 14:26 gpg.conf
-rw------- 1 asterisk asterisk 911 Jul 31 14:30 pubring.gpg
-rw------- 1 asterisk asterisk 911 Jul 31 14:30 pubring.gpg~
-rw------- 1 asterisk asterisk 600 Aug 1 17:16 random_seed
-rw------- 1 asterisk asterisk 1049 Jul 31 14:30 secring.gpg
-rw------- 1 asterisk asterisk 1280 Jul 31 14:30 trustdb.gpg

When you done all the above procedure, dial extension# 1234 to execute test1.sh script.
It should generate record_mode.gsm.gpg under this path “/var/lib/asterisk/sounds/dictate/” after phone hang up.

Joseph