2 @unnumbered Precautions
6 We use passphrase authentication, so overall security fully depends on
7 its strength. You @strong{should} use long, high-entropy passphrases.
8 Also remember to keep passphrase in temporary file and read it securely
9 as described in @ref{Verifier, verifier}.
12 You must @strong{never} use the same key for multiple clients.
15 You must use @strong{cryptographically good} pseudo random number
16 generator. By default we use default @code{crypto/rand} library that
17 reads @file{/dev/urandom} source. Some GNU/Linux and FreeBSD systems
18 are rather good with this entropy source. Closed proprietary ones are
19 always not and you must use optional @ref{EGD} feature with them.