From: Sergey Matveev Date: Tue, 21 Apr 2015 21:17:49 +0000 (+0300) Subject: Add simple script for creating new clients keys X-Git-Tag: 2.3^2~9 X-Git-Url: http://www.git.cypherpunks.ru/?p=govpn.git;a=commitdiff_plain;h=934e91a81913a1be8138c28112fdbb855e489b14 Add simple script for creating new clients keys Signed-off-by: Sergey Matveev --- diff --git a/doc/govpn.texi b/doc/govpn.texi index f15968e..5bf4a04 100644 --- a/doc/govpn.texi +++ b/doc/govpn.texi @@ -230,14 +230,25 @@ Ethernet frame header length, that in my case is 14 bytes long (1476 - 14). Do not forget about setting @code{GOMAXPROC} environment variable for using more than one CPU. +At first you have to generate client's authentication key and client's +unique identification. There is @code{utils/newclient.sh} script for +convenience. + +@example +% ./utils/newclient.sh Alice +peers/9b40701bdaf522f2b291cb039490312/Alice +@end example + +@code{9b40701bdaf522f2b291cb039490312} is client's identification. +@code{Alice} is just an empty file that can help to search them like +this: @verb{|find peers -name Alice|}. @code{key} file inside peer's +directory contains authentication key. + GNU/Linux IPv4 client-server example: @example -server% mkdir -p peers/CLIENTID -server% umask 066 -server% echo MYLONG64HEXKEY > peers/CLIENTID/key server% echo "#!/bin/sh" > peers/CLIENTID/up.sh -server% echo "echo tap10" > peers/CLIENTID/up.sh +server% echo "echo tap10" >> peers/CLIENTID/up.sh server% chmod 500 peers/CLIENTID/up.sh server% ip addr add 192.168.0.1/24 dev wlan0 server% tunctl -t tap10 
@@ -265,10 +276,6 @@ done FreeBSD IPv6 client-server example: @example -server% mkdir -p peers/CLIENTID -server% umask 066 -server% echo MYLONG64HEXKEY > peers/CLIENTID/key -server% echo "#!/bin/sh" > server% cat > peers/CLIENTID/up.sh </dev/null | hexdump -ve '"%02x"' +} + +[ -n "$1" ] || { + cat < +EOF + exit 1 +} + +username=$1 +peerid=$(getrand 16) +umask 077 +mkdir -p peers/$peerid +getrand 32 > peers/$peerid/key +touch peers/$peerid/$1 +echo peers/$peerid/$1
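Review bot: In the doc/govpn.texi hunk, the sample identification `9b40701bdaf522f2b291cb039490312` in the new @example is 31 hex digits, which does not match a value produced by `peerid=$(getrand 16)` if that is meant to be 16 bytes printed as two digits each (32 digits, in the same way the old `MYLONG64HEXKEY` placeholder matches `getrand 32`). Please regenerate the example with a full-length identifier, or state the expected length in the text so a reader can tell a truncated ID from a valid one. The paragraph should also say that the script writes to a relative `peers/` path and so must be run from the directory the server reads its peers from. Wording nits: "At first you have to" reads better as "First you have to", and "can help to search them" as "helps to find the peer by name".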
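Review bot: In utils/newclient.sh, the `hexdump -ve '"%02x"'` format at the end of `getrand` gives no byte count, and hexdump's `%x` conversion defaults to four bytes per unit, so each 32-bit word is printed with only two digits of zero padding and its leading zeros are dropped. Both `getrand 16` and `getrand 32` can therefore return fewer hex digits than expected, which would explain the 31-digit ID in the documentation example and can yield a key shorter than 64 hex digits. Suggest `hexdump -ve '1/1 "%02x"'` to get exactly two digits per byte. Separately, `username=$1` is assigned but never used, and the raw `$1` goes unquoted into `touch peers/$peerid/$1` and `echo peers/$peerid/$1`, so a name containing spaces, `/` or `..` creates something other than the intended marker file inside the peer directory. Suggest accepting only a safe character set for the name and using `"$username"` quoted in both lines. Nothing checks that `peerid` is non-empty before `mkdir -p peers/$peerid` either; a `set -e` plus a length check would stop the key from being written to `peers//key` when `getrand` fails.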