ircd-yeti dropped support for the SMD5 and crypt() password hashing backends. It also uses SHA-256 as client certificate fingerprint generation algorithm. Opers may not have the tools required to obtain this data to update their operator {} blocks seamlessly. Therefore, this tool was created.
This tool does not send your oper password to a remote location.
fast-sha256-js is used as building block to do the PBKDF#2/SHA-256 derivation.
If you do not trust this tool, contact a Development Team member for a copy of the ircd-yeti source code so that you can do the umkpasswd step yourself.
This tool does not send your certificate or key to a remote location. The input must be a PEM-encoded certificate.
If you do not trust this tool, you can use the following openssl command line
invocation:
$ openssl x509 -in path/to/cert.pem -noout -text -fingerprint -sha256 |
tail -n 1 |
cut -d= -f2 |
sed -e s/://g