Verifier is created using govpn-verifier
utility.
$ govpn-verifier Passphrase:[hello world] $balloon$s=32768,t=16,p=2$bwR5VjeCYIQaa8SeaI3rqg$KCNIqfS4DGsBTtVytamAzcISgrlEWvNxan1UfBrFu10 $balloon$s=32768,t=16,p=2$bwR5VjeCYIQaa8SeaI3rqg
First line is the verifier for the server side. Second line is for the client – it lacks generated public key. However you can use server’s one on the client side too.
You can check passphrase against verifier by specifying -verifier option with the path to verifier file:
$ govpn-verifier -verifier '$balloon...' Passphrase:[hello world] true
Optionally you can store plaintext passphrases on volatile memory (memory disk, encrypted filesystem with restrictive permissions to the file) and provide -key option.