| [ << ] | [ < ] | [ Up ] | [ > ] | [ >> ] | [Top] | [Contents] | [Index] | [ ? ] |
5.1.2 Invoking srptool
Simple program that emulates the programs in the Stanford SRP (Secure Remote Password) libraries using GnuTLS. It is intended for use in places where you don’t expect SRP authentication to be the used for system users.
In brief, to use SRP you need to create two files. These are the password file that holds the users and the verifiers associated with them and the configuration file to hold the group parameters (called tpasswd.conf).
This section was generated by AutoGen,
using the agtexi-cmd template and the option descriptions for the srptool program.
This software is released under the GNU General Public License, version 3 or later.
srptool usage (-h)
This is the automatically generated usage text for srptool:
srptool - GnuTLS SRP tool - Ver. 3.0.17
USAGE: srptool [ -<flag> [<val>] | --<name>[{=| }<val>] ]...
-d, --debug=num Enable debugging.
- It must be in the range:
0 to 9999
-i, --index specify the index of the group parameters in tpasswd.conf to use.
-u, --username=str specify a username
-p, --passwd=str specify a password file.
-s, --salt=num specify salt size.
--verify just verify the password.
-v, --passwd-conf=str specify a password conf file.
--create-conf=str Generate a password configuration file.
-v, --version[=arg] Output version information and exit
-h, --help Display extended usage information and exit
-!, --more-help Extended usage information passed thru pager
Options are specified by doubled hyphens and their name or by a single
hyphen and the flag character.
Simple program that emulates the programs in the Stanford SRP (Secure
Remote Password) libraries using GnuTLS. It is intended for use in
places where you don't expect SRP authentication to be the used for
system users.
In brief, to use SRP you need to create two files. These are the
password file that holds the users and the verifiers associated with
them and the configuration file to hold the group parameters (called
tpasswd.conf).
please send bug reports to: bug-gnutls@gnu.org
create-conf option
This is the “generate a password configuration file.” option. This generates a password configuration file (tpasswd.conf) containing the required for TLS parameters.
debug option (-d)
This is the “enable debugging.” option. Specifies the debug level.
index option (-i)
This is the “specify the index of the group parameters in tpasswd.conf to use.” option.
passwd option (-p)
This is the “specify a password file.” option.
passwd-conf option (-v)
This is the “specify a password conf file.” option. Specify a filename or a PKCS #11 URL to read the CAs from.
salt option (-s)
This is the “specify salt size.” option.
username option (-u)
This is the “specify a username” option.
verify option
This is the “just verify the password.” option. Verifies the password provided against the password file.
srptool exit status
One of the following exit values will be returned:
- ‘0’
Successful program execution.
- ‘1’
The operation failed or the command syntax was not valid.
srptool See Also
gnutls-cli-debug (1), gnutls-serv (1), srptool (1), psktool (1), certtool (1)
srptool Examples
To create ‘tpasswd.conf’ which holds the g and n values for SRP protocol (generator and a large prime), run:
$ srptool --create-conf /etc/tpasswd.conf
This command will create ‘/etc/tpasswd’ and will add user ’test’ (you will also be prompted for a password). Verifiers are stored by default in the way libsrp expects.
$ srptool --passwd /etc/tpasswd --passwd-conf /etc/tpasswd.conf -u test
This command will check against a password. If the password matches the one in ‘/etc/tpasswd’ you will get an ok.
$ srptool --passwd /etc/tpasswd --passwd\-conf /etc/tpasswd.conf --verify -u test
| [ << ] | [ < ] | [ Up ] | [ > ] | [ >> ] | [Top] | [Contents] | [Index] | [ ? ] |
This document was generated on March 23, 2012 using texi2html 5.0.