Hello,

thank you so much for explanation.
Now documentation is look better, but I still have problems with configuration of Client Side.

I do next on server: 
export GOMAXPROC=1
root@calvin:~/govpn# ./utils/newclient.sh Alice
Place verifier to peers/2e6cc6e97d496b29d0271f55/verifier

root@calvin:~/govpn/peers/2e6cc6e97d496b29d0271f55# ls -l
total 12
-rw------- 1 root root  6 May 13 16:22 name
-rwx------ 1 root root 10 May 13 16:22 up.sh
-rw------- 1 root root 65 May 13 16:22 verifier
root@calvin:~/govpn/peers/2e6cc6e97d496b29d0271f55#

How client should now this? 
On client I do as written in updated documentation: 
root@farengeit:~/govpn# ./utils/storekey.sh /tmp/passphrase
Enter passphrase:root@farengeit:~/govpn#

root@farengeit:~/govpn# ./govpn-verifier -id 2e6cc6e97d496b29d0271f55 -key /tmp/passphrase
panic: ID is not specified

goroutine 1 [running]:
runtime.panic(0x4df940, 0xc21001d420)
        /usr/lib/go/src/pkg/runtime/panic.c:266 +0xb6
main.main()
        /root/govpn/src/govpn/cmd/govpn-verifier/main.go:41 +0x96
root@farengeit:~/govpn# ./govpn-verifier -id 2e6cc6e97d496b29d0271f55 -key /tmp/passphrase
panic: ID is not specified

goroutine 1 [running]:
runtime.panic(0x4df940, 0xc21001d420)
        /usr/lib/go/src/pkg/runtime/panic.c:266 +0xb6
main.main()
        /root/govpn/src/govpn/cmd/govpn-verifier/main.go:41 +0x96

2e6cc6e97d496b29d0271f55  - this is the number generated on server.

So because of this error, I can't continue with configuration from here. What I do wrong? 



On Wed, May 13, 2015 at 2:41 PM, <stargrave@stargrave.org> wrote:
*** Alan Holt [2015-05-13 14:03]:
>but when I start the *client*, I see this error:
>root@farengeit:~/govpn# ./govpn-client -key key.txt -id CLIENTID -iface
>tap10 -remote 172.25.60.62:1194 -mtu 1472
>panic: ID is not specified

Well, when writing documentation I assumed that CLIENTID will be
substituted with the real one, created with utils/newclient.sh.
I have updated documentation on http://www.cypherpunks.ru/govpn/Example-usage.html
Hope it is more understandable now. peers-directory is some kind of
database on the server. It contains client's identities, their
verifiers, up/down-scripts. New client is created using
utils/newclient.sh script on the server. On the client side you must
generate so-called verifier and save it on the server.

>What is it client id? How do I specify this?

Technically is just a random 128-bit string, 32 hex characters. It is
generated conveniently with utils/newclient.sh.

>Another question, like this, why it need this: echo "echo tap10" >>
>peers/CLIENTID/up.sh ?
>So I created directory peers/CLIENTID on server and file up.sh with tap10
>
>but I don't really understand why server needs it.

Well, again, utils/newclient.sh creates CLIENTID (32 hex chars)
directory and dummy empty up.sh script. After client is connected,
server requires to know to what TAP-interface it must be attached. up.sh
script tells this by writing its name to stdout. There can be many
various setups where each client can be bind to specified interface
(various networks), or maybe each time new TAP-interface is generated
and added to the bridge network. All those setups are fully configurable
manuall with up.sh and GoVPN's server needs to know only what TAP
interface is must use after client is connected.

--
Happy hacking, Sergey Matveev



--
בברכה, 
אלכס ברבר
+9 72 54 285 952 3
www.linuxspace.org
--
Best regards.
Alex Berber
+9 72 54 285 952 3
www.linuxspace.org