Replace Argon2 with Balloon hashing

[govpn.git] / doc / server.texi

diff --git a/doc/server.texi b/doc/server.texi
index 489402c0ed5e600e32e6040b6c7dbd869f23390a..325d317cb4b435f88398e56d51382166919c008f 100644 (file)
--- a/doc/server.texi
+++ b/doc/server.texi
@@ -1,18 +1,13 @@
 @node Server
 @node Server

-@cindex Server
-@cindex Server part
-@cindex Server configuration
-@cindex Server side
-@cindex govpn-server

 @section Server part
 
 @section Server part
 

-Except for common @code{-stats}, @code{-egd} options server has the
-following ones:
+Except for common @ref{Stats, -stats}, @ref{EGD, -egd}, @ref{Syslog, -syslog}
+options server has the following ones:

 
 

-@table @code
+@table @option

 
 @item -proto
 
 @item -proto

-@ref{Network, network protocol} to use. Can be @emph{udp} (default),
+@ref{Network, Network protocol} to use. Can be @emph{udp} (default),

 @emph{tcp} or @emph{all}.
 
 @item -bind
 @emph{tcp} or @emph{all}.
 
 @item -bind


@@ -26,15 +21,12 @@ Start trivial HTTP @ref{Proxy} server on specified @emph{host:port}.
 
 @end table
 
 
 @end table
 

-@cindex YAML
-@cindex YAML configuration
-@cindex Configuration file

 Configuration file is YAML file with following example structure:
 
 @verbatim
 Configuration file is YAML file with following example structure:
 
 @verbatim

-stargrave: {                        <-- Peer human readable name
+stargrave:                          <-- Peer human readable name

     iface: tap10                    <-- OPTIONAL TAP interface name
     iface: tap10                    <-- OPTIONAL TAP interface name

-    mtu: 1514                       <-- OPTIONAL overriden MTU
+    mtu: 1515                       <-- OPTIONAL overriden MTU

     up: ./stargrave-up.sh           <-- OPTIONAL up-script
     down: ./stargrave-down.sh       <-- OPTIONAL down-script
     timeout: 60                     <-- OPTIONAL overriden timeout
     up: ./stargrave-up.sh           <-- OPTIONAL up-script
     down: ./stargrave-down.sh       <-- OPTIONAL down-script
     timeout: 60                     <-- OPTIONAL overriden timeout


@@ -42,55 +34,54 @@ stargrave: {                        <-- Peer human readable name
     noise: No                       <-- OPTIONAL noise enabler
     cpr: 64                         <-- OPTIONAL constant packet rate, KiB/sec
     encless: No                     <-- OPTIONAL Encryptionless mode
     noise: No                       <-- OPTIONAL noise enabler
     cpr: 64                         <-- OPTIONAL constant packet rate, KiB/sec
     encless: No                     <-- OPTIONAL Encryptionless mode

-    verifier: $argon2d...           <-- verifier received from client
+    verifier: $baloon...            <-- verifier received from client

 [...]
 @end verbatim
 
 At least one of either @code{iface} or @code{up} must be specified. If
 you specify @code{iface}, then it will be forcefully used to determine
 [...]
 @end verbatim
 
 At least one of either @code{iface} or @code{up} must be specified. If
 you specify @code{iface}, then it will be forcefully used to determine

-what TAP interface will be used. If it is not specified, then up-script
-must output interface's name to stdout (first output line).
+what TAP interface will be used. If it is not specified, then
+up-@ref{Scripts, script} must output interface's name to stdout
+(first output line).

 
 For example up-script can be just @code{echo tap10}, or more advanced
 like the following one:
 
 
 For example up-script can be just @code{echo tap10}, or more advanced
 like the following one:
 

-@cindex up-script
-
-@example
+@verbatim

 #!/bin/sh
 $tap=$(ifconfig tap create)
 ifconfig $tap inet6 fc00::1/96 mtu 1412 up
 echo $tap
 #!/bin/sh
 $tap=$(ifconfig tap create)
 ifconfig $tap inet6 fc00::1/96 mtu 1412 up
 echo $tap

-@end example
+@end verbatim

 
 Each minute server rereads and refreshes peers configuration and adds
 newly appeared identities, deletes an obsolete ones.
 
 
 Each minute server rereads and refreshes peers configuration and adds
 newly appeared identities, deletes an obsolete ones.
 

-You can use convenient @code{utils/newclient.sh} script for new client
+You can use convenient @command{utils/newclient.sh} script for new client

 creation:
 
 @verbatim
 % ./utils/newclient.sh Alice
 [...]
 creation:
 
 @verbatim
 % ./utils/newclient.sh Alice
 [...]

-Your client verifier is: $argon2d$m=4096,t=128,p=1$bwR5VjeCYIQaa8SeaI3rqg
+Your client verifier is: $balloon$s=32768,t=16,p=2$bwR5VjeCYIQaa8SeaI3rqg

 
 Place the following YAML configuration entry on the server's side:
 
     Alice:
         up: /path/to/up.sh
         iface: or TAP interface name
 
 Place the following YAML configuration entry on the server's side:
 
     Alice:
         up: /path/to/up.sh
         iface: or TAP interface name

-        verifier: $argon2d$m=4096,t=128,p=1$bwR5VjeCYIQaa8SeaI3rqg$KCNIqfS4DGsBTtVytamAzcISgrlEWvNxan1UfBrFu10
+        verifier: $balloon$s=32768,t=16,p=2$bwR5VjeCYIQaa8SeaI3rqg$KCNIqfS4DGsBTtVytamAzcISgrlEWvNxan1UfBrFu10

 @end verbatim
 
 Example configuration file:
 @verbatim
 stargrave:
     iface: tap0
 @end verbatim
 
 Example configuration file:
 @verbatim
 stargrave:
     iface: tap0

-    verifier: $argon2d$m=4096,t=128,p=1$VMirzcshcHuG2V4jhUsEjw$X5fC07L8k61h3S1Oro/rC76+m0oGDTA9Bq+aWJ1uOgY
+    verifier: $balloon$s=32768,t=16,p=2$VMirzcshcHuG2V4jhUsEjw$X5fC07L8k61h3S1Oro/rC76+m0oGDTA9Bq+aWJ1uOgY

 slow:
     iface: tap1
     encless: Yes
     mtu: 9000
     cpr: 384
 slow:
     iface: tap1
     encless: Yes
     mtu: 9000
     cpr: 384

-    verifier: $argon2d$m=4096,t=128,p=1$YbIA5garDqCOhtI/2EZVNg$gOo5vcEGynmpeepNscwclicfZsWxzgYFRLbgG21EZ1U
+    verifier: $balloon$s=32768,t=16,p=2$YbIA5garDqCOhtI/2EZVNg$gOo5vcEGynmpeepNscwclicfZsWxzgYFRLbgG21EZ1U

 @end verbatim
 @end verbatim