commit - a1962ae7fa74e8bb8d68a9703ecc2c5bde85b82b
commit + a3f214752d65e7f379ec72c1894d4608389fc6ff
blob - 6d49852189b96cfe0d571d3f14c5280d5bb62b3c
blob + e0ec50c86b84a6076572f4a38effef9999f0c564
--- site/tutorial.gmi
+++ site/tutorial.gmi
## 1. create a dedicated user
-kamid needs a dedicated ‘_kamid’ user to run. How to create an user depends on your operating system; on OpenBSD is:
+kamid needs a dedicated ‘_kamid’ user to run. How to create an user depends on your operating system; for example on OpenBSD is:
```
# useradd -c kamid -d /var/empty -s /sbin/nologin _kamid
```
-or on some GNU/linux systems:
+while on some GNU/linux systems:
```
-# useradd --system --no-create-home -s /bin/nologin -c kamid _kamid
+# mkdir -p /var/empty
+# useradd --system -d /var/empty -s /usr/sbin/nologin _kamid
```
Ideally the ‘_kamid’ user shouldn’t have a login shell and have an empty home.
An easy way to generate certificates and obtain their fingerprint is by using the scripts ‘fingerprint’ and ‘gencert’ in the ‘contrib’ directory:
```example of how to use fingerprint and gencert
-% ./gencert foo
+% ./contrib/gencert foo
Generating a 4096 bit RSA private key
[...]
writing new private key to 'foo'
-----
-% ./fingerprint foo
+% ./contrib/fingerprint foo
SHA256:c043a39b4c65993f03b8df46116a692392399e3be0eb233f4efd74cd53540370
```