X-Git-Url: http://www.git.cypherpunks.ru/?a=blobdiff_plain;f=doc%2Fverifier.texi;h=ecf98ad6ddc606342e78dc7886c1c19c99014b01;hb=f9209136cff0331fc2293f25061971f6c77ff213;hp=61b1e4479f954082327f98bb77f76accee825385;hpb=b71b594e74ccbbfc987a787c45158598c2f807c7;p=govpn.git diff --git a/doc/verifier.texi b/doc/verifier.texi index 61b1e44..ecf98ad 100644 --- a/doc/verifier.texi +++ b/doc/verifier.texi @@ -1,29 +1,28 @@ @node Verifier -@section Verifier +@subsection Verifier -Verifier is created using @code{govpn-verifier} utility. But currently -Go does not provide native instruments to read passwords without echoing -them to stdout. You can use @code{utils/storekey.sh} script to read them -silently. +Verifier is created using @command{govpn-verifier} utility. -@example -% utils/storekey.sh mypass.txt -Enter passphrase:[hello world] -% govpn-verifier -id 9da9bf91112d0e4483c135b12d5b48de -key mypass.txt -210e3878542828901a3af9b4aa00b004de530410eef5c1ba2ffb6d04504371b2 -@end example +@verbatim +% govpn-verifier +Passphrase:[hello world] +$balloon$s=32768,t=16,p=2$bwR5VjeCYIQaa8SeaI3rqg$KCNIqfS4DGsBTtVytamAzcISgrlEWvNxan1UfBrFu10 +$balloon$s=32768,t=16,p=2$bwR5VjeCYIQaa8SeaI3rqg +@end verbatim -Store @code{210...1b2} string on the server's side in corresponding -@code{verifier} configuration file's field. +First line is the verifier for the server side. Second line is for the +client -- it lacks generated public key. However you can use server's +one on the client side too. -You can check passphrase against verifier by specifying @code{-verifier} +You can check passphrase against verifier by specifying @option{-verifier} option with the path to verifier file: -@example -% govpn-verifier -id 9da9bf91112d0e4483c135b12d5b48de -key mypass.txt -verifier verifier +@verbatim +% govpn-verifier -verifier '$balloon...' +Passphrase:[hello world] true -@end example +@end verbatim -Plaintext passphrases @strong{must} be stored on volatile memory, for -example either in memory disk, or on encrypted filesystem with -restrictive permissions to the file. +Optionally you can store plaintext passphrases on volatile memory +(memory disk, encrypted filesystem with restrictive permissions to the +file) and provide @option{-key} option.