]> Cypherpunks.ru repositories - gocheese.git/blobdiff - doc/passwords.texi
projects / gocheese.git / blobdiff
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
FIFO-based password management
[gocheese.git] / doc / passwords.texi
diff --git a/doc/passwords.texi b/doc/passwords.texi
index 18b8f6b611f0cbcd87aa61f4b4b86b2cfde670ee..d3d9ad4039b09092c0e5969020a8f230359e3850 100644 (file)
--- a/doc/passwords.texi
+++ b/doc/passwords.texi
@@ -1,27 +1,34 @@
 @node Passwords
 @unnumbered Password authentication
 
-Password authentication is required for packages uploading.
-You have to store your authentication data in @option{-passwd} file in
-following format:
+Password authentication is required for packages uploading. Passwords
+are dynamically changed through the FIFO file. You have to create it and
+use in @option{-passwd} option:
 
 @example
-username:hashed-password
+$ mkfifo passwd
+$ gocheese -passwd passwd ...
 @end example
 
-Empty lines and having @verb{|#|} at the beginning are skipped.
+Then you must feed it newline-separated records in following format:
+
+@example
+username:hashed-password
+@end example
 
-Supported hashing algorithms are:
+Where @code{hashed-password} is in one of following algorithms:
 
 @table @asis
 
 @item @url{https://www.argon2i.com/, Argon2i} (recommended one!)
     To get Argon2i hashed-password you can use any of following tools:
+
     @itemize
-    @item go get @url{https://github.com/balakhonova/argon2i,
-        github.com/balakhonova/argon2i} (Go)
+    @item @code{go get @url{https://github.com/balakhonova/argon2i,
+        github.com/balakhonova/argon2i}} (Go)
     @item @url{https://github.com/p-h-c/phc-winner-argon2} (C)
     @end itemize
+
     Example user @code{foo} with password @code{bar} can have the
     following password file entry:
 
@@ -33,11 +40,7 @@ foo:$argon2i$v=19$m=32768,t=3,p=4$OGU5MTM3YjVlYzQwZjhkZA$rVn53v6Ckpf7WH0676ZQLr9
     You can use your operating system tools:
 
 @example
-# BSD-based systems:
-$ echo -n "password" | sha256
-
-# GNU/Linux-based systems
-$ echo -n "password" | sha256sum
+$ echo -n "password" | `command -v sha256 || echo sha256sum`
 @end example
 
     Example user @code{foo} with password @code{bar} will have the
@@ -49,13 +52,22 @@ foo:$sha256$fcde2b2edba56bf408601fb721fe9b5c338d10ee429ea04fae5511b68fbf8fb9
 
 @end table
 
-You can refresh passwords by sending @code{SIGHUP} signal to the working daemon:
+To add or update password entry:
 
 @example
-$ pkill -HUP gocheese
-$ kill -HUP `pidof gocheese`
-$ svc -h /var/service/gocheese
+$ echo foo:$sha256$... > passwd
+$ cat passwords.txt > passwd
 @end example
 
-Before refreshing it's recommended to check @option{-passwd} file with
-@option{-passwd-check} option to prevent daemon failure.
+To delete login entry use empty password:
+
+@example
+$ echo foo: > passwd
+@end example
+
+You can also check you passwords file with:
+
+@example
+$ gocheese -passwd-check < passwords.txt
+$ echo $?
+@end example
Python private package repository and caching proxy