Procedure To Encrypt/Decrypt Configuration Files - Aastra SIP 53I Administrator's Manual

Encrypted Files on the IP Phone
Encrypted Files on the IP Phone
To make changes to the configuration files, the System Administrator must
decrypt the files, make the changes, and re-encrypt the files. The encrypted files
must then be downloaded to the IP phones again.

Procedure to Encrypt/Decrypt Configuration Files

To encrypt the IP phone configuration files:
Open a command line window application (i.e., DOS window).
1.
At the prompt, enter anacrypt.exe and press <Return>.
2.
C:\> anacrypt.exe -h
Provides encryption and decryption of the configuration files used for the family
of Aastra IP phones, using 56bit triple-DES and site-specific keys.
Copyright (c) 2005, Aastra Technologies, Ltd.
Copyright (c) 1999, Philip J. Erdelsky
Usage:
anacrypt infile.{cfg|tuz} [-o outfile] [-p password] [-h]
[-v] Display version number
[-h] Display program help text
[-o [device:][path]] Writes output file on specific device or path
[-p password] Password used to generate the cryptographic key
Restrictions:
Infile extension determines operation, .cfg=plaintext to be encrypted,
.tuz=ciphertext to be decrypted. Outfile extension is opposite of input.
Filenames may optionally include any non-wildcard subset of [device:][\path\].
If -p is omitted, user is prompted to interactively enter the password.
Note: 3DES does not validate decryption, incorrect password produces garbage. For
site-specific keyfile security.cfg the plaintext must match password.
41-001160-00, Release 2.1, Rev 04
Note: If the use of encrypted configuration files is enabled (via
security.tuz or pre-provisioned on the IP phone) the aastra.cfg and
<mac>.cfg files are ignored, and only the encrypted equivalent files
aastra.tuz and <mac>.tuz are read.
7-3