]> Cypherpunks.ru repositories - govpn.git/blobdiff - doc/server.texi
projects / govpn.git / blobdiff
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
[DOC] Encryptionless mode
[govpn.git] / doc / server.texi
diff --git a/doc/server.texi b/doc/server.texi
index 49a09fb990438998a7a939d354e650c800761120..2668b1da962e543b09dddba3e37a16d0ed233a35 100644 (file)
--- a/doc/server.texi
+++ b/doc/server.texi
@@ -1,8 +1,8 @@
 @node Server
 @section Server part
 
-Except for common @code{-mtu}, @code{-stats}, @code{-egd} options server
-has the following ones:
+Except for common @code{-stats}, @code{-egd} options server has the
+following ones:
 
 @table @code
 
@@ -25,27 +25,31 @@ Configuration file is JSON file with following example structure:
 
 @verbatim
 {
-  "9b40701bdaf522f2b291cb039490312": {  <-- Peer identifier
-    "name": "stargrave",                <-- OPTIONAL human readable name
-    "up": "./stargrave-up.sh",          <-- up-script
+  "stargrave": {                        <-- Peer human readable name
+    "iface": "tap10",                   <-- OPTIONAL TAP interface name
+    "mtu": 1514,                        <-- OPTIONAL overriden MTU
+    "up": "./stargrave-up.sh",          <-- OPTIONAL up-script
     "down": "./stargrave-down.sh",      <-- OPTIONAL down-script
     "timeout": 60,                      <-- OPTIONAL overriden timeout
     "noise": true,                      <-- OPTIONAL noise enabler
                                             (default: false)
     "cpr": 64,                          <-- OPTIONAL constant packet
                                             rate in KiB/sec
-    "verifier": "2c15bbdffc73193bea56db412bce1143c68ccbdaa9e2eade53a684497646a685"
+    "encless": false,                   <-- OPTIONAL Encryptionless mode
+    "verifier": "$argon2d..."           <-- verifier received from client
   },
   [...]
 }
 @end verbatim
 
-See @ref{Verifier} for its description.
+At least one of either @code{iface} or @code{up} must be specified. If
+you specify @code{iface}, then it will be forcefully used to determine
+what TAP interface will be used. If it is not specified, then up-script
+must output interface's name to stdout (first output line).
+
+For example up-script can be just @code{echo tap10}, or more advanced
+like the following one:
 
-up-script executes each time connection with the client is established.
-Its @emph{stdout} output must contain TAP interface name as the first
-line. This script can be simple @code{echo tap10}, or maybe more
-advanced like this:
 @example
 #!/bin/sh
 $tap=$(ifconfig tap create)
@@ -62,14 +66,14 @@ creation:
 @verbatim
 % ./utils/newclient.sh Alice
 [...]
-Your id is: 7012df29deee2170594119df5091d4a2
+Your client verifier is: $argon2d$m=4096,t=128,p=1$bwR5VjeCYIQaa8SeaI3rqg
 
 Place the following JSON configuration entry on the server's side:
 
-    "906e34b98750c4f686d6c5489508763c": {
-        "name": "Alice",
+    "Alice": {
         "up": "/path/to/up.sh",
-        "verifier": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
+        "iface": "or TAP interface name",
+        "verifier": "$argon2d$m=4096,t=128,p=1$bwR5VjeCYIQaa8SeaI3rqg$KCNIqfS4DGsBTtVytamAzcISgrlEWvNxan1UfBrFu10"
     }
 [...]
 @end verbatim
Simple secure free software VPN daemon