Clarify PSK

author: GDR! <gdr@gdr.name> 2017-06-28 15:42:56 +0200
committer: GitHub <noreply@github.com> 2017-06-28 15:42:56 +0200
commit: 8498602e68a73b56675d1a022f9f84aa3d504b9b (patch)
tree: 76bf0d5c1171a3d5b648c5ad30da5830b6f56db9
parent: c1a04ae71aa9dd7a590035326d5dabac31645fca (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/README.md b/README.md
index 5d12afa..06443ef 100644
--- a/README.md
+++ b/README.md
@@ -68,7 +68,7 @@ The Tuntox server generates a new Tox ID on every startup, or saves its private
 Therefore, posession of the server's Tox ID and a secret should be considered equivalent to posession of an Unix account with SSH access. Tuntox does not implement remote shell capability, but it is possible that it's exploitable.
-PSK authentication is optional - it's only enabled when -s switch is present on server side. PSK is sent as Tox friend request message - as far as the author understands libtoxcore code, it's encrypted using server's public EC key.
+PSK authentication is optional but recommended - it's only enabled when -s switch is present on server side or the TUNTOX_SHARED_SECRET environment variable is set. PSK is sent as Tox friend request message - as far as the author understands libtoxcore code, it's encrypted using server's public EC key.
 The Tuntox Server can optionally allow only whitelisted ToxIDs. Supply *-i yourallowedtoxid* one time or more to add a ToxID to the whitelist. Note: The default client behavior is to generate a new ToxID for every run (because author thinks it's a nice privacy feature). You will want to use the -C switch in client to force reading a saved identity from tox_save.
author	GDR! <gdr@gdr.name>	2017-06-28 15:42:56 +0200
committer	GitHub <noreply@github.com>	2017-06-28 15:42:56 +0200
commit	8498602e68a73b56675d1a022f9f84aa3d504b9b (patch)
tree	76bf0d5c1171a3d5b648c5ad30da5830b6f56db9
parent	c1a04ae71aa9dd7a590035326d5dabac31645fca (diff)

diff --git a/README.md b/README.md index 5d12afa..06443ef 100644 --- a/README.md +++ b/README.md
@@ -68,7 +68,7 @@ The Tuntox server generates a new Tox ID on every startup, or saves its private
68		68
69	Therefore, posession of the server's Tox ID and a secret should be considered equivalent to posession of an Unix account with SSH access. Tuntox does not implement remote shell capability, but it is possible that it's exploitable.	69	Therefore, posession of the server's Tox ID and a secret should be considered equivalent to posession of an Unix account with SSH access. Tuntox does not implement remote shell capability, but it is possible that it's exploitable.
70		70
71	PSK authentication is optional - it's only enabled when -s switch is present on server side. PSK is sent as Tox friend request message - as far as the author understands libtoxcore code, it's encrypted using server's public EC key.	71	PSK authentication is optional but recommended - it's only enabled when -s switch is present on server side or the TUNTOX_SHARED_SECRET environment variable is set. PSK is sent as Tox friend request message - as far as the author understands libtoxcore code, it's encrypted using server's public EC key.
72		72
73	The Tuntox Server can optionally allow only whitelisted ToxIDs. Supply -i yourallowedtoxid one time or more to add a ToxID to the whitelist. Note: The default client behavior is to generate a new ToxID for every run (because author thinks it's a nice privacy feature). You will want to use the -C switch in client to force reading a saved identity from tox_save.	73	The Tuntox Server can optionally allow only whitelisted ToxIDs. Supply -i yourallowedtoxid one time or more to add a ToxID to the whitelist. Note: The default client behavior is to generate a new ToxID for every run (because author thinks it's a nice privacy feature). You will want to use the -C switch in client to force reading a saved identity from tox_save.
74		74