| srptool(1) | User Commands | srptool(1) |
srptool - GnuTLS SRP tool
srptool [-flags] [-flag [value]] [--option-name[[=| ]value]]
All arguments must be options.
Simple program that emulates the programs in the Stanford SRP (Secure Remote Password) libraries using GnuTLS. It is intended for use in places where you don't expect SRP authentication to be the used for system users.
In brief, to use SRP you need to create two files. These are the password file that holds the users and the verifiers associated with them and the configuration file to hold the group parameters (called tpasswd.conf).
in the range 0 through 9999
Specifies the debug level.
Verifies the password provided against the password file.
Specify a filename or a PKCS #11 URL to read the CAs from.
This generates a password configuration file (tpasswd.conf) containing the required for TLS parameters.
To create tpasswd.conf which holds the g and n values for
SRP protocol (generator and a large prime), run:
$ srptool --create-conf /etc/tpasswd.conf
This command will create /etc/tpasswd and will add user
'test' (you will also be prompted for a password). Verifiers are stored by
default in the way libsrp expects.
$ srptool --passwd /etc/tpasswd --passwd-conf /etc/tpasswd.conf -u test
This command will check against a password. If the password
matches the one in /etc/tpasswd you will get an ok.
$ srptool --passwd /etc/tpasswd --passwd-conf /etc/tpasswd.conf --verify -u test
One of the following exit values will be returned:
gnutls-cli-debug (1), gnutls-serv (1), srptool (1), psktool (1), certtool (1)
Nikos Mavrogiannopoulos, Simon Josefsson and others; see /usr/share/doc/gnutls/AUTHORS for a complete list.
Copyright (C) 2000-2020 Free Software Foundation, and others all rights reserved. This program is released under the terms of the GNU General Public License, version 3 or later.
Please send bug reports to: bugs@gnutls.org
This manual page was AutoGen-erated from the srptool option definitions.
| 2023-11-30 | 3.7.1 |