You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@syncope.apache.org by il...@apache.org on 2021/04/21 13:09:36 UTC
[syncope] branch master updated: Fix release verification section
by referring to http://www.apache.org/info/verification.html
This is an automated email from the ASF dual-hosted git repository.
ilgrosso pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/syncope.git
The following commit(s) were added to refs/heads/master by this push:
new af7c242 Fix release verification section by referring to http://www.apache.org/info/verification.html
af7c242 is described below
commit af7c2426c835ebd6cf7e4e018211aa2e870b3af6
Author: Francesco Chicchiriccò <il...@apache.org>
AuthorDate: Wed Apr 21 13:17:53 2021 +0200
Fix release verification section by referring to http://www.apache.org/info/verification.html
---
.../systemadministration/setadmincredentials.adoc | 21 +++------------------
src/site/xdoc/downloads.xml | 12 +-----------
2 files changed, 4 insertions(+), 29 deletions(-)
diff --git a/src/main/asciidoc/reference-guide/workingwithapachesyncope/systemadministration/setadmincredentials.adoc b/src/main/asciidoc/reference-guide/workingwithapachesyncope/systemadministration/setadmincredentials.adoc
index 0ba8718..7a77099 100644
--- a/src/main/asciidoc/reference-guide/workingwithapachesyncope/systemadministration/setadmincredentials.adoc
+++ b/src/main/asciidoc/reference-guide/workingwithapachesyncope/systemadministration/setadmincredentials.adoc
@@ -28,12 +28,9 @@ The credentials are defined in the `security.properties` file; text encoding mus
* `adminPasswordAlgorithm` - algorithm to be used for hash evaluation (default `SHA1`, others as
`SHA256`, `SHA512`, `SMD5`, `SSHA1`, `SSHA256`, `SSHA512` and `BCRYPT` are supported)
-[TIP]
+.Generate SHA1 password value on GNU / Linux
====
-The hashed password value can be obtained, depending on the actual algorithm, via various tools.
-
-As an example, for `SHA1` and GNU / Linux and Mac OS X, the `sha1sum` command-line tool of
-http://www.gnu.org/software/coreutils/[GNU Core Utilities^] can be used as follows:
+The `sha1sum` command-line tool of http://www.gnu.org/software/coreutils/[GNU Core Utilities^] can be used as follows:
[source,bash]
....
echo -n "new_password" | sha1sum
@@ -41,21 +38,9 @@ echo -n "new_password" | sha1sum
Please beware that any shell special character must be properly escaped for the command above to produce the expected
hashed value.
-
-Again about `SHA1`, for MS Windows some options are available:
-
-* http://support.microsoft.com/kb/841290[MS File Checksum Integrity Verifier^] +
-install, save your password to a file (e.g. `password.txt` without EOL) and issue at command line: +
-[source,bash]
-....
-fciv.exe -sha1 password.txt
-....
-* http://gnuwin32.sourceforge.net/[GnuWin32^] port of GNU utilities for MS Windows
-* http://www.cygwin.com/[Cygwin^] Unix-like environment and command-line interface for Microsoft Windows (featuring
-http://www.gnu.org/software/coreutils/[GNU Core Utilities^])
====
-.Generate SSHA256 password value with common GNU / Linux tools
+.Generate SSHA256 password value on GNU / Linux
====
....
$ python3 pySSHA/ssha.py -p password -enc sha256 -s 666ac543 \
diff --git a/src/site/xdoc/downloads.xml b/src/site/xdoc/downloads.xml
index 1748880..6c69518 100644
--- a/src/site/xdoc/downloads.xml
+++ b/src/site/xdoc/downloads.xml
@@ -275,17 +275,7 @@ under the License.
</section>
<section name="Verifying Releases">
- <p>When downloading from a mirror please check the SHA512 checksums as well as verifying the OpenPGP compatible
- signature available from the main Apache site.
- The <a href="https://downloads.apache.org/syncope/KEYS">KEYS</a> file contains the public keys used for signing the
- release. It is recommended that a web of trust is used to confirm the identity of these keys.</p>
-
- <p>You can check the OpenPGP signature with GnuPG via:</p>
- <source><![CDATA[gpg --import KEYS
-gpg --verify *syncope*.asc]]></source>
-
- <p>You can check the SHA512 checksum with:</p>
- <source><![CDATA[sha512sum --check *syncope*.sha512]]></source>
+ <p>You can verify your download by following these <a href="http://www.apache.org/info/verification.html">procedures</a> and using these <a href="https://www.apache.org/dist/syncope/KEYS">KEYS</a>.</p>
</section>
</body>
</document>