Next: Installation, Previous: ЧАВО, Up: Top [Index]
storekey.sh
utility removed.
govpn-verifier
utility also can use EGD.
/dev/random
,
providing higher quality entropy from external sources.
-noncediff
option. It is replaced with in-memory
storage of seen nonces, thus eliminating possible replay attacks at all
without performance degradation related to inbound packets reordering.
A-EKE with PBKDF2-based verifiers is resistant to dictionary attacks, can use human memorable passphrases instead of static keys and server-side verifiers can not be used for authentication (compromised server does not leak client’s authentication keys/passphrases).
-timeout
, -noncediff
, -noise
and
-cpr
configuration options for server.
Next: Installation, Previous: ЧАВО, Up: Top [Index]