@node Verifier
-@section Verifier
+@subsection Verifier
-Verifier is created using @code{govpn-verifier} utility. But currently
-Go does not provide native instruments to read passwords without echoing
-them to stdout. You can use @code{utils/storekey.sh} script to read them
-silently.
+Verifier is created using @command{govpn-verifier} utility.
-@example
-% utils/storekey.sh mypass.txt
-Enter passphrase:[hello world]
-% govpn-verifier -key mypass.txt
-$argon2d$m=4096,t=128,p=1$bwR5VjeCYIQaa8SeaI3rqg$KCNIqfS4DGsBTtVytamAzcISgrlEWvNxan1UfBrFu10
-$argon2d$m=4096,t=128,p=1$bwR5VjeCYIQaa8SeaI3rqg
-@end example
+@verbatim
+% govpn-verifier
+Passphrase:[hello world]
+$balloon$s=32768,t=16,p=2$bwR5VjeCYIQaa8SeaI3rqg$KCNIqfS4DGsBTtVytamAzcISgrlEWvNxan1UfBrFu10
+$balloon$s=32768,t=16,p=2$bwR5VjeCYIQaa8SeaI3rqg
+@end verbatim
First line is the verifier for the server side. Second line is for the
-client -- it lacks generated public key. However you can server's one
-on the client side too.
+client -- it lacks generated public key. However you can use server's
+one on the client side too.
-Store @code{$argon2d...u10} string on the server's side in corresponding
-@code{verifier} configuration file's field.
-
-You can check passphrase against verifier by specifying @code{-verifier}
+You can check passphrase against verifier by specifying @option{-verifier}
option with the path to verifier file:
-@example
-% govpn-verifier -key mypass.txt -verifier '$argon2d...'
+@verbatim
+% govpn-verifier -verifier '$balloon...'
+Passphrase:[hello world]
true
-@end example
+@end verbatim
-Plaintext passphrases @strong{must} be stored on volatile memory, for
-example either in memory disk, or on encrypted filesystem with
-restrictive permissions to the file.
+Optionally you can store plaintext passphrases on volatile memory
+(memory disk, encrypted filesystem with restrictive permissions to the
+file) and provide @option{-key} option.