vicidial.org

Hi Support,

sorry i’m still newbies in vicidial.

I want to encrypt the recording in vicidial, i understood gpg file can do encrypted the recording file but i don’t know how to setup that file and how to decrypt the recording back?
can someone help me on this?

Vicidial :2.4b0.5
Asterisk : 1.8.2-vici
SVN : 3180

Yes, we have GPG call recording encryption for VICIdial. It works, and is as frustrating as you would guess it would be to use

We wrote this for a client who was already using PGP heavily in their organization, so we didn't really go too in-depth into explaining the process.

Basically, every person that wants to access the encrypted recordings has to have the PGP application installed on their workstations. They also have to have the PGP private keys for any files they wish to decrypt loaded onto their workstations. They also need to know the passphrase for those private PGP keys in order to decrypt each PGP-encrypted file.

How it works from the VICIdial side is:
- At end of call, recording is compressed(usually MP3) as it normally is
- Encrypt script(AST_CRON_audio_2_encrypt.pl) goes through the compressed recordings encrypting them with the defined PGP public keys
- FTP script sends encrypted recordings(with ".pgp" file extension) to archive server
- Users click on recording links in admin web page to download recordings
- PGP application on user workstation opens up, they are prompted for PGP key passphrase
- recording plays in audio player on workstation

Very few of the clients we've explained it to actually end up installing it, given how cumbersome it makes accessing recordings, but it is extremely secure.

I will try and see the result.

I just need to change the cronjob only right as below?

# AST_CRON_audio_2_encrypt.pl
#
# This is a STEP-2 program in the audio archival process(should happen AFTER any compression)
#
# runs every 3 minutes and encrypts the recording files to GPG format by default
#
# put an entry into the cron of of your asterisk machine to run this script
# every 3 minutes or however often you desire
#
# You MUST define the type of audio file that this process will pull from: WAV, GSM, MP3, OGG, GSW
#
# ### recording mixing/compressing/encrypting/ftping scripts
##0,3,6,9,12,15,18,21,24,27,30,33,36,39,42,45,48,51,54,57 * * * * /usr/share/astguiclient/AST_CRON_audio_1_move_mix.pl
# 0,3,6,9,12,15,18,21,24,27,30,33,36,39,42,45,48,51,54,57 * * * * /usr/share/astguiclient/AST_CRON_audio_1_move_VDonly.pl
# 1,4,7,10,13,16,19,22,25,28,31,34,37,40,43,46,49,52,55,58 * * * * /usr/share/astguiclient/AST_CRON_audio_2_compress.pl --GSM
# 2,5,8,11,14,17,20,23,26,29,32,35,38,41,44,47,50,53,56,59 * * * * /usr/share/astguiclient/AST_CRON_audio_2_encrypt.pl --GPG --GSM --recipients=gpg@vicidial.com
# 0,3,6,9,12,15,18,21,24,27,30,33,36,39,42,45,48,51,54,57 * * * * /usr/share/astguiclient/AST_CRON_audio_3_ftp.pl --GPG
#
# FLAGS FOR ENCRYPTION OPTIONS
# --GPG = GnuPG encryption(assumes recipient public keys are loaded on server)
#

Thanks to open this topic, actually, I have faced this issue as well, thanks for the help...

First, you need to make sure "gpg" is installed on each dialer. Then you need to import all of the PGP public keys that you will want to use for the "recipients" of these PGP-encrypted recordings, then you need to manually test encrypting something on each dialer with gpg and ensure that the recipients can open them, then the last step is to put the new crontab entry in.

Hi mflorell,

Thank you for your advise.
I will try and let know the result.

Hi Mflorell,

What PGP application you recommend for workstation those to decrypt the recording file? I mean in windows.

GPG-4-win is what we used to test with when we developed this:
https://www.gpg4win.org/

Hi Mflorell,

Thanks a lot for your helping on this.
This issue has been resolved.