码迷,mamicode.com
首页 > 其他好文 > 详细

freenode configuration sasl authentication in weechat

时间:2017-08-05 17:51:14      阅读:145      评论:0      收藏:0      [点我收藏+]

标签:nbsp   ssl cert   nec   www.   recommend   ase   ons   conf   compress   

转自:https://www.weechat.org/files/doc/stable/weechat_user.en.html#irc_sasl_authentication

 SASL authentication

WeeChat supports SASL authentication, using different mechanisms:

  • plain: plain text password (default)

  • ecdsa-nist256p-challenge: challenge with public/private key

  • external: client side SSL cert

  • dh-blowfish: blowfish encrypted password (insecure, not recommended)

  • dh-aes: AES encrypted password (insecure, not recommended)

  The "gcrypt" library is required when compiling WeeChat in order to use "dh-blowfish" and "dh-aes" mechanisms (see dependencies).

Options in servers are:

  • sasl_mechanism: mechanism to use (see above)

  • sasl_timeout: timeout (in seconds) for authentication

  • sasl_fail: action to perform if authentication fails

  • sasl_username: username (nick)

  • sasl_password: password

  • sasl_key: file with ECC private key (for mechanism ecdsa-nist256p-challenge)

SASL ECDSA-NIST256P-CHALLENGE

You must generate a private key in order to authentify with the ECDSA-NIST256P-CHALLENGE mechanism (no password is required on connection).

You can generate the key with this command:

$ openssl ecparam -genkey -name prime256v1 >~/.weechat/ecdsa.pem

Get the public key (encoded as base64) with this command:

$ openssl ec -noout -text -conv_form compressed -in ~/.weechat/ecdsa.pem | grep ‘^pub:‘ -A 3 | tail -n 3 | tr -d ‘ \n:‘ | xxd -r -p | base64

Connect to the server, identify (for example with "nickserv identify") and set your public key in your account, using nickserv (replace the base64 value with your public key):

/connect freenode
/msg nickserv identify your_password
/msg nickserv set pubkey Av8k1FOGetUDq7sPMBfufSIZ5c2I/QYWgiwHtNXkVe/q

Configure the SASL options in the server:

/set irc.server.freenode.sasl_mechanism ecdsa-nist256p-challenge
/set irc.server.freenode.sasl_username "your_nickname"
/set irc.server.freenode.sasl_key "%h/ecdsa.pem"

Reconnect to the server:

/reconnect freenode

freenode configuration sasl authentication in weechat

标签:nbsp   ssl cert   nec   www.   recommend   ase   ons   conf   compress   

原文地址:http://www.cnblogs.com/chjbbs/p/7290673.html

(0)
(0)
   
举报
评论 一句话评论(0
登录后才能评论!
© 2014 mamicode.com 版权所有  联系我们:gaon5@hotmail.com
迷上了代码!