EasyManuals Logo

Yealink SIP-T21 E2 Administrator's Guide

Yealink SIP-T21 E2
1126 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #983 background imageLoading...
Page #983 background image
Configuring Security Features
957
registration information).
Yealink supplies a configuration encryption tool for encrypting configuration files. The
encryption tool encrypts plaintext configuration files (e.g., account.cfg, <y0000000000xx>.cfg,
<MAC>.cfg) (one by one or in batch) using 16-character symmetric keys (the same or different
keys for configuration files) and generates encrypted configuration files with the same file
name as before.
Note
This tool also encrypts the plaintext 16-character symmetric keys using a fixed key, which is the
same as the one built in the IP phone, and generates new files named as <xx_Security>.enc (xx
indicates the name of the configuration file, for example, y000000000028_Security.enc for
y000000000028.cfg file, account_Security.enc for account.cfg). This tool generates another new
file named as Aeskey.txt to store the plaintext 16-character symmetric keys for each
configuration file.
For a Microsoft Windows platform, you can use a Yealink-supplied encryption tool
“Config_Encrypt_Tool.exe” to encrypt the configuration files respectively.
Note
For security reasons, administrator should upload encrypted configuration files,
<xx_Security>.enc files to the root directory of the provisioning server. During auto
provisioning, the IP phone requests to download the boot file first and then download the
referenced configuration files. For more information on boot file, refer to Boot Files on page
136. For example, the IP phone downloads account.cfg file and it is encrypted. The IP phone will
request to download <account_Security>.enc file (if enabled) and decrypt it into the plaintext
key (e.g., key2) using the built-in key (e.g., key1). Then the IP phone decrypts account.cfg file
using key2. After decryption, the IP phone resolves configuration files and updates
configuration settings onto the IP phone system.
The way the IP phone processes other configuration files is the same to that of the account.cfg
file.
You can also configure the <MAC>-local.cfg files to be automatically encrypted using 16-
character symmetric keys when uploading to the server (by setting the value of the parameter
“static.auto_provision.encryption.config” to 1).
Yealink also supplies a configuration encryption tool (yealinkencrypt) for Linux platform if
required. For more information, refer to
Yealink Configuration Encryption Tool User Guide
.

Table of Contents

Other manuals for Yealink SIP-T21 E2

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Yealink SIP-T21 E2 and is the answer not in the manual?

Yealink SIP-T21 E2 Specifications

General IconGeneral
BrandYealink
ModelSIP-T21 E2
CategoryIP Phone
LanguageEnglish

Related product manuals