Mikaela/mikaela.github.io
1
0
Fork 0
mirror of https://github.com/mikaela/mikaela.github.io/ synced 2024-11-15 00:19:25 +01:00
Code Issues Projects Releases Wiki Activity
25a26f4b02
mikaela.github.io/pages/external/identifying.html.md
Mikaela Suomalainen 25a26f4b02 pages/external/identifying: SASL
2014-05-23 13:36:52 +03:00

3.1 KiB
Raw Blame History

<!DOCTYPE html> <html> <head> </head>

NOTE: This might be heavily freenode-specific, but these things should work with other networks too, at least SASL and CertFP.

I will document the four different methods to identify to services which I use by myself.

SASL

There isnt much to say about SASL as its easy to configure as long as your IRC client supports it. SASL identifies you before logging in, but it wont help you in case services are down. The easiest way to check does the network where you are support SASL is probably to whois or message or both to the SaslServ.

/whois SaslServ SaslServ
/msg SaslServ help

If the network does support SASL, you should see something like this which freenode gives:

XX:XX:XX -- [SaslServ] (SaslServ@services.): SASL Authentication Agent
XX:XX:XX -- [SaslServ] services. (Atheme IRC Services)
XX:XX:XX -- [SaslServ] is a Network Service
XX:XX:XX -- [saslserv] End of WHOIS
XX:XX:XX -- SaslServ: This service exists to identify connecting clients to the network. It has no public interface.

There are different mechanisms for use with SASL. I personally use them in this order with ZNC: PLAIN DH-AES DH-BLOWFISH and EXTERNAL.

This is what ZNC 1.5-git-3b01efc says about them:

XX:XX:XX < *sasl> +-------------+----------------------------------------------------+
XX:XX:XX < *sasl> | Mechanism   | Description                                        |
XX:XX:XX < *sasl> +-------------+----------------------------------------------------+
XX:XX:XX < *sasl> | EXTERNAL    | TLS certificate, for use with the *cert module     |
XX:XX:XX < *sasl> | DH-BLOWFISH | Secure negotiation using the DH-BLOWFISH mechanism |
XX:XX:XX < *sasl> | DH-AES      | More secure negotiation using the DH-AES mechanism |
XX:XX:XX < *sasl> | PLAIN       | Plain text negotiation                             |
XX:XX:XX < *sasl> +-------------+----------------------------------------------------+

Some notes:

  • PLAIN is plain text as it says, so if you use it like I do, you should use SSL.
  • EXTERNAL is supposed to be used together with CertFP, but it doesnt work with most of networks.
    • Its not supported even by freenode.
    • I dont know any network that supports it.

CertFP

Server password

Automatic command

For corrections above this line, please contact me at IRC or fix them by yourself here. What is below that line is embedded GitHub gist which reads where to contact with issues with it.
</html>