mikaela.github.io/pages/external/identifying.html.md

<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8" />
<!-- <meta http-equiv="refresh" content="60" /> -->
<meta name="description" content="Instructions for identifying to services on various IRC networks." />
<meta name="author" content="Mikaela Suomalainen" />
<link rel="canonical" href="https://mkaysi.github.io/pages/external/identifying.html">
<title>Insert title here</title>
<link rel="stylesheet" type="text/css" href="../../css.css" />
</head>
<body>

**NOTE: This might be heavily freenode-specific, but these things should 
work with other networks too, at least SASL and CertFP.**

I will document the four different methods to identify to services which I 
use by myself. **I use all of these at the same time.**

## SASL

There isn't much to say about SASL as it's easy to configure as long as 
your IRC client supports it. SASL identifies you before logging in, but it 
won't help you in case services are down. The easiest way to check does 
the network where you are support SASL is probably to whois or message or 
both to the SaslServ.

```
/whois SaslServ SaslServ
/msg SaslServ help
```

If the network does support SASL, you should see something like this 
which freenode gives:

```
XX:XX:XX -- [SaslServ] (SaslServ@services.): SASL Authentication Agent
XX:XX:XX -- [SaslServ] services. (Atheme IRC Services)
XX:XX:XX -- [SaslServ] is a Network Service
XX:XX:XX -- [saslserv] End of WHOIS
XX:XX:XX -- SaslServ: This service exists to identify connecting clients to the network. It has no public interface.
```

There are different mechanisms for use with SASL. I personally use them in 
this order with ZNC: `PLAIN DH-AES DH-BLOWFISH and EXTERNAL`.

This is what ZNC 1.5-git-3b01efc says about them:

```
XX:XX:XX < *sasl> +-------------+----------------------------------------------------+
XX:XX:XX < *sasl> | Mechanism   | Description                                        |
XX:XX:XX < *sasl> +-------------+----------------------------------------------------+
XX:XX:XX < *sasl> | EXTERNAL    | TLS certificate, for use with the *cert module     |
XX:XX:XX < *sasl> | DH-BLOWFISH | Secure negotiation using the DH-BLOWFISH mechanism |
XX:XX:XX < *sasl> | DH-AES      | More secure negotiation using the DH-AES mechanism |
XX:XX:XX < *sasl> | PLAIN       | Plain text negotiation                             |
XX:XX:XX < *sasl> +-------------+----------------------------------------------------+
```

Some notes:

* PLAIN is plain text as it says, so if you use it like I do, you should 
use SSL.
* EXTERNAL is supposed to be used together with CertFP, but it doesn't 
work with most of networks.
    * It's not supported even by freenode.
    * I don't know any network that supports it.
* This won't help you if services go down.

## CertFP

## Server password

This might not work with some networks, but this works with freenode. 
All IRC clients should support settng password which to use while 
connecting to server. Set it as `username:password` for freenode and you 
are automatically identified when you connect.

Some notes:

* This is only known to work with freenode.
* You aren't identified immediately so as shown in the embedded gist, 
your real host is visible for people who have you on `/monitor`.
* This won't help you if services go down.

## Automatic command

This works with probably every client. They support setting commands that 
are automatically run as you connect and you can set the command

```
/msg NickServ identify username password
```

or whatever syntax the services on your network use.

Some notes:

* Your real host is still visible for /monitor ing people.
* Your client might send that command too late to prevent you from getting 
to redirect channels for unidentified users and show your real host to 
everyone.
* You might annoy people by joining twice and quitting once with "Changing 
host".

For corrections above this line, please contact [me at IRC](../irc.html) or fix them by 
yourself [here](https://github.com/Mkaysi/mkaysi.github.io/blob/master/pages/external/identifying.html.md). What is below that line is embedded GitHub 
gist which reads where to contact with issues with it.
<hr/>
<script src="https://gist.github.com/maxanton/1e2cf7ada079c271bd3c.js"></script>
</body>
</html>
<!-- vim : set ft=markdown-->
pages/irc: bold the first line & start pages/external/identifying.html 2014-05-23 12:05:31 +02:00			`<!DOCTYPE html>`
			`<html>`
			`<head>`
			`<meta charset="UTF-8" />`
			`<!-- <meta http-equiv="refresh" content="60" /> -->`
			`<meta name="description" content="Instructions for identifying to services on various IRC networks." />`
			`<meta name="author" content="Mikaela Suomalainen" />`
			`<link rel="canonical" href="https://mkaysi.github.io/pages/external/identifying.html">`
			`<title>Insert title here</title>`
			`<link rel="stylesheet" type="text/css" href="../../css.css" />`
			`</head>`
			`<body>`

			`**NOTE: This might be heavily freenode-specific, but these things should`
			`work with other networks too, at least SASL and CertFP.**`

pages/external/identifying: SASL 2014-05-23 12:36:52 +02:00			`I will document the four different methods to identify to services which I`
pages/external/identifying: username:password & automatic command. 2014-05-23 12:57:31 +02:00			`use by myself. I use all of these at the same time.`
pages/external/identifying: SASL 2014-05-23 12:36:52 +02:00
			`## SASL`

			`There isn't much to say about SASL as it's easy to configure as long as`
			`your IRC client supports it. SASL identifies you before logging in, but it`
			`won't help you in case services are down. The easiest way to check does`
			`the network where you are support SASL is probably to whois or message or`
			`both to the SaslServ.`

			```
			`/whois SaslServ SaslServ`
			`/msg SaslServ help`
			```

			`If the network does support SASL, you should see something like this`
			`which freenode gives:`

			```
			`XX:XX:XX -- [SaslServ] (SaslServ@services.): SASL Authentication Agent`
			`XX:XX:XX -- [SaslServ] services. (Atheme IRC Services)`
			`XX:XX:XX -- [SaslServ] is a Network Service`
			`XX:XX:XX -- [saslserv] End of WHOIS`
			`XX:XX:XX -- SaslServ: This service exists to identify connecting clients to the network. It has no public interface.`
			```

			`There are different mechanisms for use with SASL. I personally use them in`
			this order with ZNC: `PLAIN DH-AES DH-BLOWFISH and EXTERNAL`.

			`This is what ZNC 1.5-git-3b01efc says about them:`

			```
			`XX:XX:XX < *sasl> +-------------+----------------------------------------------------+`
			`XX:XX:XX < *sasl> \| Mechanism \| Description \|`
			`XX:XX:XX < *sasl> +-------------+----------------------------------------------------+`
			`XX:XX:XX < sasl> \| EXTERNAL \| TLS certificate, for use with the cert module \|`
			`XX:XX:XX < *sasl> \| DH-BLOWFISH \| Secure negotiation using the DH-BLOWFISH mechanism \|`
			`XX:XX:XX < *sasl> \| DH-AES \| More secure negotiation using the DH-AES mechanism \|`
			`XX:XX:XX < *sasl> \| PLAIN \| Plain text negotiation \|`
			`XX:XX:XX < *sasl> +-------------+----------------------------------------------------+`
			```

			`Some notes:`

			`* PLAIN is plain text as it says, so if you use it like I do, you should`
			`use SSL.`
			`* EXTERNAL is supposed to be used together with CertFP, but it doesn't`
			`work with most of networks.`
			`* It's not supported even by freenode.`
			`* I don't know any network that supports it.`
pages/external/identifying: username:password & automatic command. 2014-05-23 12:57:31 +02:00			`* This won't help you if services go down.`
pages/external/identifying: SASL 2014-05-23 12:36:52 +02:00
			`## CertFP`

			`## Server password`

pages/external/identifying: username:password & automatic command. 2014-05-23 12:57:31 +02:00			`This might not work with some networks, but this works with freenode.`
			`All IRC clients should support settng password which to use while`
			connecting to server. Set it as `username:password` for freenode and you
			`are automatically identified when you connect.`

			`Some notes:`

			`* This is only known to work with freenode.`
			`* You aren't identified immediately so as shown in the embedded gist,`
			your real host is visible for people who have you on `/monitor`.
			`* This won't help you if services go down.`

pages/external/identifying: SASL 2014-05-23 12:36:52 +02:00			`## Automatic command`
pages/irc: bold the first line & start pages/external/identifying.html 2014-05-23 12:05:31 +02:00
pages/external/identifying: username:password & automatic command. 2014-05-23 12:57:31 +02:00			`This works with probably every client. They support setting commands that`
			`are automatically run as you connect and you can set the command`

			```
			`/msg NickServ identify username password`
			```

			`or whatever syntax the services on your network use.`

			`Some notes:`

			`* Your real host is still visible for /monitor ing people.`
			`* Your client might send that command too late to prevent you from getting`
			`to redirect channels for unidentified users and show your real host to`
			`everyone.`
			`* You might annoy people by joining twice and quitting once with "Changing`
			`host".`
pages/irc: bold the first line & start pages/external/identifying.html 2014-05-23 12:05:31 +02:00
			`For corrections above this line, please contact [me at IRC](../irc.html) or fix them by`
			`yourself [here](https://github.com/Mkaysi/mkaysi.github.io/blob/master/pages/external/identifying.html.md). What is below that line is embedded GitHub`
			`gist which reads where to contact with issues with it.`
			`<hr/>`
			`<script src="https://gist.github.com/maxanton/1e2cf7ada079c271bd3c.js"></script>`
			`</body>`
			`</html>`
			`<!-- vim : set ft=markdown-->`