cron user & pass change

Posted: Mon Oct 19, 2009 12:42 pm
by speed
Hello @ all,

How can I change the cron user and/or password?

It's not good .. everybody who works with vicidial knows this standard pass.

and 1234 isn't secure ...

please help .. thx

speed

Posted: Mon Oct 19, 2009 2:47 pm
by mcargile
You run these queries to change it in the db:

update mysql.user set password=PASSWORD('NEW-PASSWORD-HERE') where User='cron';
FLUSH PRIVILEGES;

making the appropriate substitution. Then you change the VARDB_pass variable in /etc/astguiclient.conf to match. That should be it.

thanks

Posted: Mon Oct 19, 2009 4:24 pm
by brett05
ok, thanks mcargile for your answer
but what about admin in vicidial?
it is also needed to change this entry in admin-->server and in admin-->phones, to update all passwords for cron after updating it in the database!
for example:
in admin-->server there is this setting:
Manager User: cron
Manager Secret: 1234

and in admin-->phones there are these settings too:
Manager User: cron
Manager Secret: 1234
DBX User: cron
DBX Pass: 1234
DBY User: cron
DBY Pass: 1234

do we need to change them or not, after we update the database password for cron and etc/astguiclient.conf?
also I think we need to change this entry in etc/asterisk/manager.conf too

Posted: Mon Oct 19, 2009 7:51 pm
by williamconley
hm. perhaps a script similar to the update server ip script. so all the passwords could be reset simultaneously to the correct settings ... and NOT be the "standards" any more.

thanks

Posted: Mon Oct 19, 2009 8:04 pm
by brett05
thanks for your post
I will tell you just one thing: using cron with 1234 is not a good thing, for me I can say this is a security problem
and as for creating this script, I can do it
here I just want to understand exactly what we need to change after our update of the cron password in the database
tell me if my steps are good please:
1=update mysql.user set password=PASSWORD('NEW-PASSWORD-HERE') where User='cron';
FLUSH PRIVILEGES;

2=change the VARDB_pass variable in /etc/astguiclient.conf
3=change password cron in etc/asterisk/manager.conf
4=update all new password for cron in vicidial-->admin-->server
as

Manager User: cron
Manager Secret: 1234

5=update all new password for cron in vicidial-->admin-->phones
as

Manager User: cron
Manager Secret: 1234
DBX User: cron
DBX Pass: 1234
DBY User: cron
DBY Pass: 1234

is there anything else to change?

Posted: Mon Oct 19, 2009 8:35 pm
by williamconley
limit your vicidial server and phone changes to those with ip matching the server being altered (in case of a cluster setup)

thanks

Posted: Mon Oct 19, 2009 8:43 pm
by brett05
what do you mean?
so I don't need to change anything in admin-->phones and in admin-->server?

Re: thanks

Posted: Mon Oct 19, 2009 8:46 pm
by williamconley
brett05 wrote:what you mean ?
so i don't need to change any thing in admin-->phones and in admin -->server this ?
No, i mean servers and phones are specific to a single ip address. if there is more than one server, you only want to change the user/pwd for ONE server and the phones on THAT server. this script would be run on/for each server individually.

so change user/pwd for server with ip xx.xx.xx.xx (not yy.yy.yy.yy) and phones assigned to that same server.

thanks

Posted: Mon Oct 19, 2009 8:57 pm
by brett05
ok thanks
this one I have understood
so I need to change each pass/user for cron in admin-->phones and admin-->server specific to the IP of the asterisk server.
and what about etc/asterisk/manager.conf?
example:
[general]
enabled = yes
port = 5038
bindaddr = 0.0.0.0

[cron]
secret = "newpass_cron"
read = system,call,log,verbose,command,agent,user
write = system,call,log,verbose,command,agent,user

[updatecron]
secret = "newpass_cron"
read = command
write = command

[listencron]
secret = "newpass_cron"
read = system,call,log,verbose,command,agent,user
write = command

[sendcron]
secret = "newpass_cron"
read = command
write = system,call,log,verbose,command,agent,user

it is good ?
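
A read-only check for the file-based steps listed above, added here as an example and not code from any poster or from the VICIdial project: it reports every manager.conf section and the VARDB_pass entry that still holds the default 1234 or does not match the new password. The function names are hypothetical, and it assumes astguiclient.conf uses `key => value` lines, that quotes around a manager.conf secret are not part of the value, and that one new password is used everywhere; the servers and phones settings in the admin screens are not covered.

```python
import re

DEFAULT_SECRET = "1234"  # stock password named in the thread

def manager_secrets(text):
    """Return {section: secret} from manager.conf-style text."""
    secrets, section = {}, None
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].strip()  # ';' starts a comment
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1]
        elif section and "=" in line:
            key, value = (p.strip() for p in line.split("=", 1))
            if key == "secret":
                # Assumption: surrounding double quotes are not part of the secret.
                secrets[section] = value.strip('"')
    return secrets

def vardb_pass(text):
    """Return VARDB_pass from astguiclient.conf text ('key => value' layout assumed)."""
    m = re.search(r"^\s*VARDB_pass\s*=>\s*(\S+)", text, re.M)
    return m.group(1) if m else None

def audit(manager_text, astgui_text, expected):
    """List each location still on the default or not matching `expected`."""
    found = {f"manager.conf [{s}]": v for s, v in manager_secrets(manager_text).items()}
    found["astguiclient.conf VARDB_pass"] = vardb_pass(astgui_text)
    problems = []
    for where, value in sorted(found.items()):
        if value is None:
            problems.append((where, "missing"))
        elif value == DEFAULT_SECRET:
            problems.append((where, "default"))
        elif value != expected:
            problems.append((where, "mismatch"))
    return problems

# Constructed sample of a half-finished rotation (not from a real server).
SAMPLE_MANAGER = """[general]
[cron]
secret = "newpass_cron"
[updatecron]
secret = 1234
[listencron]
secret = "newpasscron"
"""
SAMPLE_ASTGUI = "VARDB_user => cron\nVARDB_pass => newpass_cron\n"
if __name__ == "__main__":
    print(audit(SAMPLE_MANAGER, SAMPLE_ASTGUI, "newpass_cron"))
```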

cron user & pass change

Posted: Wed Oct 21, 2009 4:56 am
by speed
can anyone write a script ?

after install execute this for security changes..

thx speed

Posted: Wed Oct 21, 2009 6:34 pm
by williamconley
I'm quite sure someone will ... but if you want it done NOW ...

thanks

Posted: Wed Oct 21, 2009 8:49 pm
by brett05
Done what?

dear mr williamconley

Posted: Thu Oct 22, 2009 3:11 am
by speed
I really respect your knowledge about vicidial!

but I am not a script developer - that means

I can't write this script - ok.

It's not only my problem - it's a big security problem for all vicidial supporters.

some have more knowledge because of 3 years' experience - I have only 6 months ??

I'm learning every day but it's not possible to learn all about vicidial and developing at the same time.

if my knowledge were sufficient for developing the script then I would DO it.

but now my knowledge isn't sufficient.

but this does not alter the problem - this is a big security problem.

When anyone writes a functional script for this security problem I will donate 100 dollars.

I hope someone has the same problem and donates a little bit.

thx speed.

Re: dear mr williamconley

Posted: Thu Oct 22, 2009 4:07 pm
by okli
speed wrote:...When anyone writes a functional script for this security problem I will donate 100 dollars.

I hope someone has the same problem and donates a little bit...
This would be an appropriate place to start a bounty:
http://www.vicidial.org/VICIDIALforum/viewforum.php?f=9