2 @unnumbered Password authentication
4 Password authentication is required for packages uploading. Passwords
5 are dynamically changed through the FIFO file. You have to create it and
6 use in @option{-passwd} option. Optionally, to list currently present
7 logins use another FIFO and @option{-passwd-list} option:
10 $ mkfifo passwd passwd-list
11 $ gocheese -passwd passwd -passwd-list passwd-list ...
14 Then you must feed it newline-separated records in following format:
17 username:hashed-password[:ro]
20 Where @code{hashed-password} is in one of following algorithms:
24 @item @url{https://www.argon2i.com/, Argon2i} (recommended one!)
25 To get Argon2i hashed-password you can use any of following tools:
28 @item @code{go install @url{https://github.com/balakhonova/argon2i,
29 github.com/balakhonova/argon2i@@latest}} (Go)
30 @item @url{https://github.com/p-h-c/phc-winner-argon2} (C)
33 Example user @code{foo} with password @code{bar} can have the
34 following password file entry:
37 foo:$argon2i$v=19$m=32768,t=3,p=4$OGU5MTM3YjVlYzQwZjhkZA$rVn53v6Ckpf7WH0676ZQLr9Hbm6VH3YnL6I9ONJcIIU
41 You can use your operating system tools:
44 $ echo -n "password" | `command -v sha256 || echo sha256sum`
47 Example user @code{foo} with password @code{bar} will have the
48 following password file entry:
51 foo:$sha256$fcde2b2edba56bf408601fb721fe9b5c338d10ee429ea04fae5511b68fbf8fb9
56 Optional @code{:ro} flag forbids user to upload packages, but allows
57 read-only access if @option{-auth-required} is enabled.
59 To add or update password entry:
62 $ echo foo:$sha256$... > passwd
63 $ cat passwords.txt > passwd
66 To delete login entry use empty password:
72 You can also check you passwords file with:
75 $ gocheese -passwd-check < passwords.txt