diff options
| author | Sebastien Helleu <flashcode@flashtux.org> | 2014-02-18 19:26:55 +0100 |
|---|---|---|
| committer | Sebastien Helleu <flashcode@flashtux.org> | 2014-02-18 19:26:55 +0100 |
| commit | 194b362e23e65e7f7802b89efdd53a52292a0b9d (patch) | |
| tree | d17b083c3f43cf7d6745c207542a133aba3bbdf0 /doc/pl | |
| parent | 8e1ad0b1f054b07db793af3a58988b2c6a189fc5 (diff) | |
| download | weechat-194b362e23e65e7f7802b89efdd53a52292a0b9d.zip | |
doc: add chapter about secured data in user's guide
Diffstat (limited to 'doc/pl')
| -rw-r--r-- | doc/pl/weechat_user.pl.txt | 84 |
1 files changed, 84 insertions, 0 deletions
diff --git a/doc/pl/weechat_user.pl.txt b/doc/pl/weechat_user.pl.txt index 5ce279ceb..4fba64ecb 100644 --- a/doc/pl/weechat_user.pl.txt +++ b/doc/pl/weechat_user.pl.txt @@ -1468,6 +1468,90 @@ Przykład pogrubienia z domyślnym kolorem terminala: /set weechat.color.status_time *99999 ---- +// TRANSLATION MISSING +[[secured_data]] +=== Secured data + +[[secured_data_storage]] +==== Storage + +WeeChat can encrypt passwords or private data using secured data, stored in file +'sec.conf'. + +This configuration file is read before any other file, and the values stored +inside can be used in various WeeChat or plugins/scripts options. + +You can set a passphrase to encrypt data in 'sec.conf'. This is not mandatory +but highly recommended, otherwise data is stored as plain text in file. + +---- +/secure passphrase this is my passphrase +---- + +When a passphrase is set, WeeChat will ask you to enter it on startup (but not +on `/upgrade`). + +You can change this behavior and use a file with the passphrase (see option +<<option_sec.crypt.passphrase_file,sec.crypt.passphrase_file>>). + +[[secured_data_encryption]] +===== Encryption + +The encryption of data is made in 3 steps: + +. Derive a key from the passphrase (with optional salt). +. Compute hash of data to encrypt. +. Encrypt the hash + data (output is: salt + encrypted hash/data). + +[NOTE] +The cipher block mode is 'CFB'. + +The result is put as hexadecimal string in file 'sec.conf', for example: + +---- +[data] +__passphrase__ = on +freenode = "53B1C86FCDA28FC122A95B0456ABD79B5AB74654F21C3D099A6CCA8173239EEA59533A1D83011251F96778AC3F5166A394" +---- + +[[secured_data_decryption]] +===== Decryption + +The decryption of data is made in 3 steps: + +. Derive a key using salt and passphrase. +. Decrypt hash + data. +. Check that decrypted hash == hash of data. + +[[secured_data_manage]] +==== Manage secured data + +To add secured data, use `/secure set`, for example a password for 'freenode' +IRC server: + +---- +/secure set freenode mypassword +---- + +For comfort, secured data can be displayed in a dedicated buffer (key[alt-v] on +buffer to see values), just do: + +---- +/secure +---- + +Secured data can be used in some options that can contain private data like +password, using this format: "${sec.data.xxx}" where "xxx" is the name of +secured data (used with `/secure set xxx ...`). + +For a complete list of supported options, see `/help secure`. + +To use the 'freenode' password, for example with +<<irc_sasl_authentication,SASL authentication>>: + +---- +/set irc.server.freenode.sasl_password "${sec.data.freenode}" +---- + [[options_and_commands]] === Opcje i komendy |