Next: , Previous: , Up: User  


Verifier

Verifier is created using govpn-verifier utility. But currently Go does not provide native instruments to read passwords without echoing them to stdout. You can use utils/storekey.sh script to read them silently.

% utils/storekey.sh mypass.txt
Enter passphrase:[hello world]
% govpn-verifier -id 9da9bf91112d0e4483c135b12d5b48de -key mypass.txt
210e3878542828901a3af9b4aa00b004de530410eef5c1ba2ffb6d04504371b2

Store 210...1b2 string on the server’s side in corresponding verifier configuration file’s field.

You can check passphrase against verifier by specifying -verifier option with the path to verifier file:

% govpn-verifier -id 9da9bf91112d0e4483c135b12d5b48de -key mypass.txt -verifier verifier
true

Plaintext passphrases must be stored on volatile memory, for example either in memory disk, or on encrypted filesystem with restrictive permissions to the file.