My Asterisk system is stood up and it works so well that I would like to be able to remotely access it with either my SIP client on my Android device or a traditional Linksys ATA (SPA2102).
Before doing so, I am interested in understanding the key security issues. Is there a good cookbook out there that addresses this? I am particular concerned with secure Authentication and Authorization considerations. It sure would be nice to be able to travel in be able to securely access my home Asterisk system: Asterisk 18.104.22.168 on an ASUS RT-N16 router.
Update: I noticed that the configuration interface for the SPA2102 provides two fields for Authentication:
- Mini Certificate
- SRTP Private key
Here is a snapshot:
That being said,I am hoping that someone with experience using the Mini Certificate to secure remote endpoints (Linksys ATAs) to Asterisk would be able provide pointers to secure configuration knowledge URLs. A paper evaluating the security posture of the Magnusson SRTP implemention is here.
I am more concerned with securing credentials and not really concerned about privacy of the video \ audio, though it would be a bonus.