2015-03-26 08:05:15 +01:00
|
|
|
---
|
|
|
|
layout: post
|
|
|
|
comments: true
|
|
|
|
title: "WeeChat: easy instructions for using SASL"
|
|
|
|
category: [english]
|
2024-06-03 08:48:19 +02:00
|
|
|
sitemap: true
|
|
|
|
robots: noai
|
2015-03-26 08:05:15 +01:00
|
|
|
tags: [irc, english]
|
2018-11-25 23:51:24 +01:00
|
|
|
redirect_from:
|
|
|
|
- /weechat-sasl.html
|
|
|
|
- /english/2015/03/26/weechat-sasl-simply.html
|
2015-03-26 08:05:15 +01:00
|
|
|
---
|
|
|
|
|
|
|
|
This seems to confuse many WeeChat users, so I will try to explain it more
|
|
|
|
simply as I am repeating myself everywhere about this same thing.
|
|
|
|
|
2024-06-19 07:19:44 +02:00
|
|
|
SASL is mechanism for identifying to services at IRC automatically even before
|
|
|
|
you are visible to the network.
|
2015-03-26 08:05:15 +01:00
|
|
|
|
2023-02-22 19:28:38 +01:00
|
|
|
---
|
2015-03-26 08:05:15 +01:00
|
|
|
|
2021-10-05 12:05:37 +02:00
|
|
|
First set mechanism as plain if you have it as anything else.
|
2015-03-26 08:05:15 +01:00
|
|
|
|
|
|
|
```
|
|
|
|
/set irc.server_default.sasl_mechanism PLAIN
|
|
|
|
```
|
|
|
|
|
2024-06-19 07:19:44 +02:00
|
|
|
PLAIN is simple "login using username and password" mechanism that sends the
|
|
|
|
username and password in plaintext which isn't an issue if you also use SSL
|
|
|
|
(like you should) and trust the server (and **use different password
|
|
|
|
everywhere**).
|
2015-03-26 08:05:15 +01:00
|
|
|
|
|
|
|
Then simply set your username and password
|
|
|
|
|
|
|
|
```
|
2015-06-09 14:22:51 +02:00
|
|
|
/unset irc.server.NETWORK.sasl_mechanism
|
2015-03-26 08:05:15 +01:00
|
|
|
/set irc.server.NETWORK.sasl_username REGISTERED_NICKNAME
|
|
|
|
/set irc.server.NETWORK.sasl_password PASSWORD
|
2015-06-09 14:22:51 +02:00
|
|
|
/save
|
2015-03-26 08:05:15 +01:00
|
|
|
```
|
|
|
|
|
2024-06-19 07:19:44 +02:00
|
|
|
_Replace NETWORK with the name of network that you have in WeeChat, for example
|
|
|
|
`liberachat`._
|
2015-03-26 08:05:15 +01:00
|
|
|
|
2024-06-19 07:19:44 +02:00
|
|
|
And now after `/reconnect` you should be identified automatically using SASL,
|
|
|
|
but you might also ensure that you use SSL.
|
2015-03-26 08:05:15 +01:00
|
|
|
|
|
|
|
## Using SSL
|
|
|
|
|
|
|
|
Change your address to use SSL port and enable SSL for the network:
|
|
|
|
|
|
|
|
```
|
2021-05-23 13:10:38 +02:00
|
|
|
/set irc.server.liberachat.addresses irc.libera.chat/6697
|
|
|
|
/set irc.server.liberachat.ssl on
|
2015-06-09 14:22:51 +02:00
|
|
|
/save
|
2015-03-26 08:05:15 +01:00
|
|
|
```
|
|
|
|
|
2023-02-22 19:28:38 +01:00
|
|
|
_Note: SSL does nothing until you `/reconnect`_
|
2015-06-09 14:22:51 +02:00
|
|
|
|
2023-02-22 19:28:38 +01:00
|
|
|
_6697 is the [standard SSL port](https://tools.ietf.org/html/rfc7194)._
|
2015-03-26 08:05:15 +01:00
|
|
|
|
2021-05-23 13:10:38 +02:00
|
|
|
liberachat has valid SSL certificate, but if it didn't, you would have two
|
2015-03-26 08:05:15 +01:00
|
|
|
choises:
|
|
|
|
|
2024-06-19 07:19:44 +02:00
|
|
|
1. Trust the fingerprints manually using `irc.server.NETWORK.ssl_fingerprint`,
|
|
|
|
see [this post].
|
2015-03-26 08:05:15 +01:00
|
|
|
2. Disable SSL certificate checking using
|
2024-06-19 07:19:44 +02:00
|
|
|
`/set irc.server.NETWORK.ssl_verify off` **NOT RECOMMENDED**, see [this post].
|
2015-03-26 08:05:15 +01:00
|
|
|
|
2019-07-13 21:47:15 +02:00
|
|
|
[this post]:{% post_url blog/2015-02-24-znc160-ssl %}
|