Next: Client part, Previous: CPR, Up: User manual
Verifier is created using govpn-verifier
utility. But currently
Go does not provide native instruments to read passwords without echoing
them to stdout. You can use utils/storekey.sh
script to read them
silently.
% utils/storekey.sh mypass.txt Enter passphrase:[hello world] % govpn-verifier -id 9da9bf91112d0e4483c135b12d5b48de -key mypass.txt 210e3878542828901a3af9b4aa00b004de530410eef5c1ba2ffb6d04504371b2
Store "210...1b2" string on the server’s side in corresponding
verifier
file.
You can check passphrase against verifier by specifying -verifier
option with the path to verifier file:
% govpn-verifier -id 9da9bf91112d0e4483c135b12d5b48de -key mypass.txt -verifier verifier true
Plaintext passphrases must be stored on volatile memory, for example either in memory disk, or on encrypted filesystem with restrictive permissions to the file.