Mikaela/mikaela.github.io
1
0
Fork 0
mirror of https://github.com/mikaela/mikaela.github.io/ synced 2025-02-28 11:30:42 +01:00
Code Issues Projects Releases Wiki Activity

finish automatic identifying

Browse Source
This commit is contained in:
Mikaela Suomalainen 2014-05-23 14:26:30 +03:00
parent c42c99d2b0
commit a223f70bec
4 changed files with 135 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
navbar.html
View File

@ -23,6 +23,7 @@ Navigation bar
* <a href="pages/off-topic.html" target="right">Off-topic sites (Social Media)</a>
--></li>
</ul>
<p>Not directly related to me * <a href="pages/external/identifying.html" target="right">Auto-identifying on IRC</a></p>
</body>
</html>
<!-- vim : set ft=html -->

3
navbar.html.md
View File

@ -26,6 +26,9 @@ Where to find me?
* <a href="pages/off-topic.html" target="right">Off-topic sites (Social Media)</a>
-->
Not directly related to me
* <a href="pages/external/identifying.html" target="right">Auto-identifying on IRC</a>
</body>
</html>
<!-- vim : set ft=html -->

41
pages/external/identifying.html vendored
View File

@ -42,6 +42,46 @@ XX:XX:XX &lt; *sasl&gt; +-------------+-----------------------------------------
<li>This won't help you if services go down.</li>
</ul>
<h2 id="certfp">CertFP</h2>
<p>CertFP identifies you using SSL certificate which you must generate and add to your NickServ account.</p>
<p>You can use this command at IRC to check if the network supports certfp.</p>
<pre><code>/msg NickServ help cert</code></pre>
<p>I am not sure how this happens on Windows, so you might need to look for that information elsewhere unless someone decides to help me and tell how does it happen. I am going to tell about OpenSSL.</p>
<h3 id="generating-the-certificate">Generating the certificate</h3>
<p>Open terminal and run this command and replae YOURNICKNAMEHERE.pem with your nickname or something else which makes you know what it is (<strong>DO NOT SET PASSWORD FOR IT OR YOUR CLIENT MIGHT NOT BE ABLE TO USE IT</strong>):</p>
<pre><code>openssl req -nodes -newkey rsa:4096 -keyout YOURNICKNAMEHERE.pem -x509 -days 365 -out YOURNICKNAMEHERE.pem</code></pre>
<p>This gives us file <code>YOURNICKNAMEHERE.pem</code> which you must give to your IRC client. I am sorry, but that depends on your IRC client too, so I cannot say anything about it.</p>
<h3 id="telling-nickserv-about-your-key">Telling NickServ about your key</h3>
<p>NickServ wants to know the fingerprint which you can get with the following command:</p>
<pre><code>openssl x509 -sha1 -noout -fingerprint -in YOURNICKNAMEHERE.pem | sed -e &#39;s/^.*=//;s/://g;y/ABCDEF/abcdef/&#39;</code></pre>
<p>which returns your fingerprint (<strong>WHICH YOU MUST NOT SHARE WITH ANYONE</strong>)</p>
<pre><code>05dd01fedc1b821b796d0d785160f03e32f53fa8</code></pre>
<p>Now you can tell to NickServ about it.</p>
<pre><code>/msg NickServ CERT ADD 05dd01fedc1b821b796d0d785160f03e32f53fa8</code></pre>
<p>(replace that with your own fingerprint!) And nickerv replies to you</p>
<pre><code>14:13:39 -- NickServ: Added fingerprint 05dd01fedc1b821b796d0d785160f03e32f53fa8 to your fingerprint list.</code></pre>
<h3 id="testing">Testing</h3>
<p>Now when you connect to freenode and have configured your IRC client to use your new certificate, you should get identified automatically and you should see your certificate by whoising yourself and running cert list with NickServ.</p>
<pre><code>/WHOIS YOURNICK YOURNICK
/MSG NickServ CERT LIST</code></pre>
<p>replies</p>
<pre><code>&lt;...&gt;
XX:XX:XX -- [YOURNICK] has client certificate fingerprint 05dd01fedc1b821b796d0d785160f03e32f53fa8
&lt;...&gt;
XX:XX:XX -- NickServ: Fingerprint list for YOURNICK:
XX:XX:XX -- NickServ: - 05dd01fedc1b821b796d0d785160f03e32f53fa8$$
XX:XX:XX -- NickServ: End of YOURNICK fingerprint list.</code></pre>
<h3 id="notes">Notes</h3>
<ul class="incremental">
<li>You must recreate your certificate yearly.</li>
<li>This will identify you with immediately so you are still visible to /monitor.</li>
<li>This will identify you after services return unlike other methods if you happen to be on splitted server without services.</li>
<li>Supported networks which I am on:
<ul class="incremental">
<li>freenode</li>
<li>oftc</li>
<li>piratenet</li>
</ul></li>
</ul>
<h2 id="server-password">Server password</h2>
<p>This might not work with some networks, but this works with freenode. All IRC clients should support settng password which to use while connecting to server. Set it as <code>username:password</code> for freenode and you are automatically identified when you connect.</p>
<p>Some notes:</p>
@ -60,6 +100,7 @@ XX:XX:XX &lt; *sasl&gt; +-------------+-----------------------------------------
<li>Your client might send that command too late to prevent you from getting to redirect channels for unidentified users and show your real host to everyone.</li>
<li>You might annoy people by joining twice and quitting once with &quot;Changing host&quot;.</li>
</ul>
<hr/>
For corrections above this line, please contact <a href="../irc.html">me at IRC</a> or fix them by yourself <a href="https://github.com/Mkaysi/mkaysi.github.io/blob/master/pages/external/identifying.html.md">here</a>. What is below that line is embedded GitHub gist which reads where to contact with issues with it.
<hr/>
<script src="https://gist.github.com/maxanton/1e2cf7ada079c271bd3c.js"></script>

90
pages/external/identifying.html.md vendored
View File

@ -69,6 +69,95 @@ work with most of networks.
## CertFP
CertFP identifies you using SSL certificate which you must generate and
add to your NickServ account.
You can use this command at IRC to check if the network supports certfp.
```
/msg NickServ help cert
```
I am not sure how this happens on Windows, so you might need to look for
that information elsewhere unless someone decides to help me and tell
how does it happen. I am going to tell about OpenSSL.
### Generating the certificate
Open terminal and run this command and replae YOURNICKNAMEHERE.pem with
your nickname or something else which makes you know what it is
(**DO NOT SET PASSWORD FOR IT OR YOUR CLIENT MIGHT NOT BE ABLE TO USE IT**):
```
openssl req -nodes -newkey rsa:4096 -keyout YOURNICKNAMEHERE.pem -x509 -days 365 -out YOURNICKNAMEHERE.pem
```
This gives us file `YOURNICKNAMEHERE.pem` which you must give to your IRC
client. I am sorry, but that depends on your IRC client too, so I cannot
say anything about it.
### Telling NickServ about your key
NickServ wants to know the fingerprint which you can get with the following
command:
```
openssl x509 -sha1 -noout -fingerprint -in YOURNICKNAMEHERE.pem | sed -e 's/^.*=//;s/://g;y/ABCDEF/abcdef/'
```
which returns your fingerprint (**WHICH YOU MUST NOT SHARE WITH ANYONE**)
```
05dd01fedc1b821b796d0d785160f03e32f53fa8
```
Now you can tell to NickServ about it.
```
/msg NickServ CERT ADD 05dd01fedc1b821b796d0d785160f03e32f53fa8
```
(replace that with your own fingerprint!) And nickerv replies to you
```
14:13:39 -- NickServ: Added fingerprint 05dd01fedc1b821b796d0d785160f03e32f53fa8 to your fingerprint list.
```
### Testing
Now when you connect to freenode and have configured your IRC client to
use your new certificate, you should get identified automatically and
you should see your certificate by whoising yourself and running cert list
with NickServ.
```
/WHOIS YOURNICK YOURNICK
/MSG NickServ CERT LIST
```
replies
```
<...>
XX:XX:XX -- [YOURNICK] has client certificate fingerprint 05dd01fedc1b821b796d0d785160f03e32f53fa8
<...>
XX:XX:XX -- NickServ: Fingerprint list for YOURNICK:
XX:XX:XX -- NickServ: - 05dd01fedc1b821b796d0d785160f03e32f53fa8$$
XX:XX:XX -- NickServ: End of YOURNICK fingerprint list.
```
### Notes
* You must recreate your certificate yearly.
* This will identify you with immediately so you are still visible to
/monitor.
* This will identify you after services return unlike other methods if you
happen to be on splitted server without services.
* Supported networks which I am on:
* freenode
* oftc
* piratenet
## Server password
This might not work with some networks, but this works with freenode.
@ -103,6 +192,7 @@ everyone.
* You might annoy people by joining twice and quitting once with "Changing
host".
<hr/>
For corrections above this line, please contact [me at IRC](../irc.html) or fix them by
yourself [here](https://github.com/Mkaysi/mkaysi.github.io/blob/master/pages/external/identifying.html.md). What is below that line is embedded GitHub
gist which reads where to contact with issues with it.