I use the same password across numerous devices (let’s say it’s “MyObviousPassword”). If someone gets access to my PBX they will find my password in the HAAst config file, and then they will be able to break into everything I own.
Can this password be encrypted in a separate file or something?
There are a couple of ways to address your problem.
First, you can limit access to the HAAst config files (or even the entire /etc/xdg/telium directory) so that only the root user can read them. Using the chmod command will allow you to set these files to read-only (r--) for root:
chmod 400 haast.conf
Second, you can also encrypt the password before placing it into the config file. For example, using md5sum we can generate a hash of your obvious password: