@node Passwords
@unnumbered Password authentication

Password authentication is required for packages uploading.
You have to store your authentication data in @option{-passwd} file in
following format:

@example
username:hashed-password
@end example

Empty lines and having @verb{|#|} at the beginning are skipped.

Supported hashing algorithms are:

@table @asis

@item @url{https://www.argon2i.com/, Argon2i} (recommended one!)
    To get Argon2i hashed-password you can use any of following tools:
    @itemize
    @item go get @url{https://github.com/balakhonova/argon2i,
        github.com/balakhonova/argon2i} (Go)
    @item @url{https://github.com/p-h-c/phc-winner-argon2} (C)
    @end itemize
    Example user @code{foo} with password @code{bar} can have the
    following password file entry:

@verbatim
foo:$argon2i$v=19$m=32768,t=3,p=4$OGU5MTM3YjVlYzQwZjhkZA$rVn53v6Ckpf7WH0676ZQLr9Hbm6VH3YnL6I9ONJcIIU
@end verbatim

@item SHA256
    You can use your operating system tools:

@example
# BSD-based systems:
$ echo -n "password" | sha256

# GNU/Linux-based systems
$ echo -n "password" | sha256sum
@end example

    Example user @code{foo} with password @code{bar} will have the
    following password file entry:

@verbatim
foo:$sha256$fcde2b2edba56bf408601fb721fe9b5c338d10ee429ea04fae5511b68fbf8fb9
@end verbatim

@end table

You can refresh passwords by sending @code{SIGHUP} signal to the working daemon:

@example
$ pkill -HUP gocheese
$ kill -HUP `pidof gocheese`
$ svc -h /var/service/gocheese
@end example

Before refreshing it's recommended to check @option{-passwd} file with
@option{-passwd-check} option to prevent daemon failure.