From 6cedd8354a6dd21f1e5fe094d4eb26dd3f92b49f Mon Sep 17 00:00:00 2001 From: Vincent Ambo Date: Wed, 1 Jul 2020 21:43:44 +0100 Subject: docs(REVIEWS): Update registration instructions for password hashes Change-Id: Idb8e5259f7b2a7105219fd3a21dc4b5774c44460 Reviewed-on: https://cl.tvl.fyi/c/depot/+/836 Reviewed-by: BuildkiteCI Reviewed-by: glittershark Tested-by: BuildkiteCI --- docs/REVIEWS.md | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) (limited to 'docs') diff --git a/docs/REVIEWS.md b/docs/REVIEWS.md index 3f0036456bee..872bf73d6d28 100644 --- a/docs/REVIEWS.md +++ b/docs/REVIEWS.md @@ -99,11 +99,19 @@ instructions: 1. Be a member of `##tvl`. 2. Clone the depot locally. 3. Create a user entry in our LDAP server in [tvl-slapd/default.nix][tvl-slapd]. - You can create your password hash by using `slappasswd`, which ships in the - `openldap` package on most distributions. - On systems with Nix systems you can use `nix-shell -p openldap` to get access - to the command. + We recommend using ARGON2 password hashes, which can be created + with the `slappasswd` tool if OpenLDAP was compiled with ARGON2 + support. + + For convenience, we provide a wrapper script for this that you can + build with `nix-build -A tools.hash-password` in a depot checkout. + Alternatively, if you have `direnv` installed, you can add the + depot to your allowlist and just run `hash-password` which should + be added to your `$PATH` by `direnv`. + + You can probably create ARGON2 hashes with other tools, but that is + your job to figure out. 4. Create a commit adding yourself (see e.g. [CL/223](https://cl.tvl.fyi/c/depot/+/223)). 5. Submit the commit via email (see below). -- cgit 1.4.1