X-Git-Url: https://code.wpia.club/?p=gigi.git;a=blobdiff_plain;f=debian%2Fgigi.properties.5;h=c0cc96df84c411b751f9bd27e44bcb093eb08a7b;hp=8f14e28e74338bf2db84d7ef57cbc7514c118822;hb=e2a79224ab74235f539b0006fc654b078471f843;hpb=c209d279826b7f4a63286b70725d1e659b3eab89

diff --git a/debian/gigi.properties.5 b/debian/gigi.properties.5
index 8f14e28e..c0cc96df 100644
--- a/debian/gigi.properties.5
+++ b/debian/gigi.properties.5
@@ -121,9 +121,19 @@ should try to connect.
 Defaults to \fI25\fR.
 .TP
 .B highFinancialValue
-A path to a plain text file of Internet domain names, one per names,
+A path to a plain text file of Internet domain names, one per line,
 which Gigi should refuse to issue certificates to.
 .TP
+.B knownPasswordHashes
+A path to a file of SHA-1 hashes of known passwords.
+The file should contain the hashes in binary format, without any separators, and should be sorted.
+Gigi will refuse user passwords with hashes that are found in this file.
+If this option is specified, Gigi will refuse startup if the file cannot be opened,
+otherwise it will attempt to use the file
+.I /usr/share/pwned-passwords/pwned-passwords.bin
+(provided by the \fBpwned-passwords-bin\fR package)
+but continue startup if the file cannot be opened.
+.TP
 .B time.testValidMonths
 The maximum time, in months, for which a passed agent quiz is considered recent.
 Defaults to \fI12\fR.