diff options
Diffstat (limited to 'doc/source/misc')
| -rw-r--r-- | doc/source/misc/client_certs.rst | 43 | ||||
| -rw-r--r-- | doc/source/misc/index.rst | 2 | ||||
| -rw-r--r-- | doc/source/misc/pyenv.rst | 47 | ||||
| -rw-r--r-- | doc/source/misc/troubleshooting.rst | 8 |
4 files changed, 92 insertions, 8 deletions
diff --git a/doc/source/misc/client_certs.rst b/doc/source/misc/client_certs.rst new file mode 100644 index 00000000..df09ea3c --- /dev/null +++ b/doc/source/misc/client_certs.rst @@ -0,0 +1,43 @@ +Using client certificates to login +================================== + +Passwordless authentication is possible in XMPP through the use of mecanisms +such as `SASL External`_. This mechanism has to be supported by both the client +and the server. This page does not cover the server setup, but prosody has a +`mod_client_certs`_ module which can perform this kind of authentication, and +also helps you create a self-signed certificate. + +Poezio configuration +-------------------- + +If you created a certificate using the above link, you should have at least +two files, a ``.crt`` (public key in PEM format) and a ``.key`` (private key +in PEM format). + +You only have to store the files wherever you want and set :term:`keyfile` +with the path to the private key (``.key``), and :term:`certfile` with the +path to the public key (``.crt``). + +Authorizing your keys +--------------------- + +Now your poezio is setup to try to use client certificates at each connection. +However, you still need to inform your XMPP server that you want to allow +those keys to access your account. + +This is done through :term:`/cert_add`. Once you have added your certificate, +you can try to connect without a password by commenting the option. + +.. note:: The :term:`/cert_add` command and the others are only available if + your server supports them. + +Next +---- +Now that this is setup, you might want to use :term:`/certs` to list the +keys currently known by your XMPP server, :term:`/cert_revoke` or +:term:`/cert_disable` to remove them, and :term:`/cert_fetch` to retrieve +a public key. + + +.. _SASL External: http://xmpp.org/extensions/xep-0178.html +.. _mod_client_certs: https://code.google.com/p/prosody-modules/wiki/mod_client_certs diff --git a/doc/source/misc/index.rst b/doc/source/misc/index.rst index 08349437..2603298e 100644 --- a/doc/source/misc/index.rst +++ b/doc/source/misc/index.rst @@ -7,8 +7,10 @@ Contents: :maxdepth: 2 carbons + client_certs correct personal_events + pyenv separate ssl troubleshooting diff --git a/doc/source/misc/pyenv.rst b/doc/source/misc/pyenv.rst new file mode 100644 index 00000000..e46f1bec --- /dev/null +++ b/doc/source/misc/pyenv.rst @@ -0,0 +1,47 @@ +.. _pyenv-install: + +Installing python 3.4 as a user +------------------------------- + +Building your own python 3 +========================== + +- Go to the `python download page`_ +- Select the “Latest Python 3 Release” +- Download a tarball and extract it +- Run ``./configure && make`` (takes only a few minutes even on old CPUs) +- Edit the poezio launch.sh script to make it call your user-compiled python binary + +Pyenv (x86/x86_64 only) +======================= + +Pyenv_ is a useful script that allows you to install several python versions +in your user directory, and lets you manage which one you want depending on +the directory you are in. It is therefore useful for people who are on +distributions not providing the latest stable version, such as Debian or +CentOS. + +You can follow the step-by-step `installation tutorial`_ on github that will +help you install it to your home directory (on step 5, you should use 3.4.2 +which is the latest python 3.4 release at the time of writing this page); or +you can use the `automated installer`_ and use ``pyenv install 3.4.2`` +thereafter. + +Then you only need to add a ``.python-version`` file containing ``3.4.2`` in +your poezio directory to make the python version in that directory default to +the python 3.4.2 installed with pyenv. + + +Other +===== + +pythonz_ allows the same kind of version management as pyenv, but builds +from source instead of fetching precompiled binaries, so it allows more +control over what is going on. + + +.. _Pyenv: https://github.com/yyuu/pyenv +.. _installation tutorial: https://github.com/yyuu/pyenv#installation +.. _automated installer: https://github.com/yyuu/pyenv-installer +.. _python download page: https://www.python.org/downloads/source/ +.. _pythonz: https://github.com/saghul/pythonz diff --git a/doc/source/misc/troubleshooting.rst b/doc/source/misc/troubleshooting.rst index f3684dce..6e625d09 100644 --- a/doc/source/misc/troubleshooting.rst +++ b/doc/source/misc/troubleshooting.rst @@ -23,14 +23,6 @@ Poezio tracebacks with weird encoding errors -------------------------------------------- Please check your locale for utf-8 compatibility. -Reconnecting sucks ------------------- -We know. - -Some weird graphical glitches appear once in a blue moon and go away after a refresh ------------------------------------------------------------------------------------- -We know. - Python is too heavy ------------------- We know. It’s too late to change that. If you are running your XMPP client on a toaster, |