]> Cypherpunks.ru repositories - govpn.git/blobdiff - doc/precautions.texi
projects / govpn.git / blobdiff
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Use A-EKE instead of EKE. Doc refactoring. Preparing for 3.0 release
[govpn.git] / doc / precautions.texi
diff --git a/doc/precautions.texi b/doc/precautions.texi
index bae37b3ec4e5d02e167d8488264aed1f468c6dd6..93b179e427f6829246d6a45e4b70bb0cb0f8068e 100644 (file)
--- a/doc/precautions.texi
+++ b/doc/precautions.texi
@@ -17,3 +17,8 @@ Also you should @strong{never} use one key for multiple clients. Salsa20
 encryption is randomized in each session, but it depends again on PRNG.
 If it fails, produces equal values at least once, then all you traffic
 related to that key could be decrypted.
+
+We use password (passphrase) authentication, so overall security fully
+depends on it's strength. So you should use long, high-entropy
+passphrases. Also remember to keep passphrase on temporary file as
+described in @ref{Verifier}.
Simple secure free software VPN daemon