@node Verifier
-@section Verifier
+@subsection Verifier
-Verifier is created using @code{govpn-verifier} utility. But currently
-Go does not provide native instruments to read passwords without echoing
-them to stdout. You can use @code{utils/storekey.sh} script to read them
-silently.
+Verifier is created using @command{govpn-verifier} utility.
-@example
-% utils/storekey.sh mypass.txt
-Enter passphrase:[hello world]
-% govpn-verifier -id 9da9bf91112d0e4483c135b12d5b48de -key mypass.txt
-210e3878542828901a3af9b4aa00b004de530410eef5c1ba2ffb6d04504371b2
-@end example
+@verbatim
+% govpn-verifier
+Passphrase:[hello world]
+$balloon$s=32768,t=16,p=2$bwR5VjeCYIQaa8SeaI3rqg$KCNIqfS4DGsBTtVytamAzcISgrlEWvNxan1UfBrFu10
+$balloon$s=32768,t=16,p=2$bwR5VjeCYIQaa8SeaI3rqg
+@end verbatim
-Store @code{210...1b2} string on the server's side in corresponding
-@code{verifier} configuration file's field.
+First line is the verifier for the server side. Second line is for the
+client -- it lacks generated public key. However you can use server's
+one on the client side too.
-You can check passphrase against verifier by specifying @code{-verifier}
+You can check passphrase against verifier by specifying @option{-verifier}
option with the path to verifier file:
-@example
-% govpn-verifier -id 9da9bf91112d0e4483c135b12d5b48de -key mypass.txt -verifier verifier
+@verbatim
+% govpn-verifier -verifier '$balloon...'
+Passphrase:[hello world]
true
-@end example
+@end verbatim
-Plaintext passphrases @strong{must} be stored on volatile memory, for
-example either in memory disk, or on encrypted filesystem with
-restrictive permissions to the file.
+Optionally you can store plaintext passphrases on volatile memory
+(memory disk, encrypted filesystem with restrictive permissions to the
+file) and provide @option{-key} option.