Mikaela/mikaela.github.io
1
0
Fork 0
mirror of https://github.com/mikaela/mikaela.github.io/ synced 2024-11-15 00:19:25 +01:00
Code Issues Projects Releases Wiki Activity

pages/ext/identifying: finish SASL instructions.

Browse Source
This commit is contained in:
Mikaela Suomalainen 2014-06-05 12:28:00 +03:00
parent 85ad469019
commit afffee8a4e
2 changed files with 28 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
pages/external/identifying.html vendored
View File

@ -42,17 +42,10 @@ XX:XX:XX < *sasl> +-------------+-----------------------------------------
</ul></li> </ul></li>
<li>This won't help you if services go down.</li> <li>This won't help you if services go down.</li>
</ul> </ul>
<!-- <h3 id="using-sasl-with-your-client-or-bouncer">Using SASL with your client or bouncer</h3>
<p>Remember that I use all of these methods (SASL, CertFP, username:password, automatic command).</p>
### Using SASL with your client or bouncer <h3 id="hexchat">HexChat</h3>
<p>Press <code>CTRL + S</code> or go to <code>HexChat --&gt; Network list</code> and select the network where you want to use SASL and click <code>Edit</code>.</p>
Remember that I use all of these methods (SASL, CertFP, username:password,
automatic command).
### HexChat
Press `CTRL + S` or go to `HexChat -->
<p>Network list<code>and select the network where you want to use SASL and click</code>Edit`.</p>
<p>If you want to specify server specific username, uncheck the <code>Use global user information</code> checkbox.</p> <p>If you want to specify server specific username, uncheck the <code>Use global user information</code> checkbox.</p>
<p>Change the <code>Login method:</code> from <code>Default</code> to `SASL (username + password) and type your username and password. If you don't uncheck the box, you must specify the username in network list.</p> <p>Change the <code>Login method:</code> from <code>Default</code> to `SASL (username + password) and type your username and password. If you don't uncheck the box, you must specify the username in network list.</p>
<h3 id="limnoria">Limnoria</h3> <h3 id="limnoria">Limnoria</h3>
@ -80,7 +73,16 @@ config networks.&lt;network&gt;.sasl.password NSPASSWORD</code></pre>
<li>Sets the password which is used with SASL.</li> <li>Sets the password which is used with SASL.</li>
</ol> </ol>
<h3 id="znc">ZNC</h3> <h3 id="znc">ZNC</h3>
<p>--&gt;</p> <pre><code>/znc loadmod sasl
/znc *sasl mechanism plain dh-aes dh-blowfish external
/znc *sasl requireauth no
/znc *sasl set NSACCOUNTNAME NSPASSWORD</code></pre>
<ol class="incremental" style="list-style-type: decimal">
<li>Loads the sasl module.</li>
<li>Sets the mechanism list (where others than plain are useless as if plain doesn't work, others most probably won't work either).</li>
<li>Makes you able to connect to network even if SASL fails as I expect you to also have CertFP configured which will identify you when services return.</li>
<li>Sets the details which ZNC uses to identify you.</li>
</ol>
<h2 id="certfp">CertFP</h2> <h2 id="certfp">CertFP</h2>
<p>CertFP identifies you using SSL certificate which you must generate and add to your NickServ account.</p> <p>CertFP identifies you using SSL certificate which you must generate and add to your NickServ account.</p>
<p>You can use this command at IRC to check if the network supports certfp.</p> <p>You can use this command at IRC to check if the network supports certfp.</p>
@ -93,7 +95,7 @@ config networks.&lt;network&gt;.sasl.password NSPASSWORD</code></pre>
<p><strong>NOTE: This certificate is valid for 24855 days which is the maximum on 32-bit systems. This might not be very wise, but as we only use this cert in IRC and we don't want to worry about regenerating it too often so we have a very long time when it's valid. You should regenerate your cert as often as you change your password or more even more often…</strong></p> <p><strong>NOTE: This certificate is valid for 24855 days which is the maximum on 32-bit systems. This might not be very wise, but as we only use this cert in IRC and we don't want to worry about regenerating it too often so we have a very long time when it's valid. You should regenerate your cert as often as you change your password or more even more often…</strong></p>
<p>Oh, and <strong>don't close your terminal yet</strong> as you will need it for HexChat.</p> <p>Oh, and <strong>don't close your terminal yet</strong> as you will need it for HexChat.</p>
<h3 id="telling-your-client-or-bouncer-to-use-the-cert.">Telling your client (or bouncer to use the cert).</h3> <h3 id="telling-your-client-or-bouncer-to-use-the-cert.">Telling your client (or bouncer to use the cert).</h3>
<h4 id="hexchat">HexChat</h4> <h4 id="hexchat-1">HexChat</h4>
<p>Create a folder &quot;certs&quot; to your HexChat config and copy the .pem file there and copy and rename it as <code>client.pem</code>.</p> <p>Create a folder &quot;certs&quot; to your HexChat config and copy the .pem file there and copy and rename it as <code>client.pem</code>.</p>
<pre><code>mkdir -p ~/.config/hexchat/certs/ <pre><code>mkdir -p ~/.config/hexchat/certs/
cp YOURNICKNAMEHERE.pem ~/.config/hexchat/certs/client.pem</code></pre> cp YOURNICKNAMEHERE.pem ~/.config/hexchat/certs/client.pem</code></pre>

16
pages/external/identifying.html.md vendored
View File

@ -68,8 +68,6 @@ work with most of networks.
* I don't know any network that supports it. * I don't know any network that supports it.
* This won't help you if services go down. * This won't help you if services go down.
<!--
### Using SASL with your client or bouncer ### Using SASL with your client or bouncer
Remember that I use all of these methods (SASL, CertFP, username:password, Remember that I use all of these methods (SASL, CertFP, username:password,
@ -131,8 +129,20 @@ name in most of the networks which you are connected to.
### ZNC ### ZNC
```
/znc loadmod sasl
/znc *sasl mechanism plain dh-aes dh-blowfish external
/znc *sasl requireauth no
/znc *sasl set NSACCOUNTNAME NSPASSWORD
```
--> 1. Loads the sasl module.
2. Sets the mechanism list (where others than plain are useless as if
plain doesn't work, others most probably won't work either).
3. Makes you able to connect to network even if SASL fails as I expect you
to also have CertFP configured which will identify you when services
return.
4. Sets the details which ZNC uses to identify you.
## CertFP ## CertFP