$ openssl ecparam -genkey -name prime256v1 >~/.weechat/ecdsa.pem
标签:nbsp ssl cert nec www. recommend ase ons conf compress
WeeChat supports SASL authentication, using different mechanisms:
plain: plain text password (default)
ecdsa-nist256p-challenge: challenge with public/private key
external: client side SSL cert
dh-blowfish: blowfish encrypted password (insecure, not recommended)
dh-aes: AES encrypted password (insecure, not recommended)
The "gcrypt" library is required when compiling WeeChat in order to use "dh-blowfish" and "dh-aes" mechanisms (see dependencies). |
Options in servers are:
sasl_mechanism: mechanism to use (see above)
sasl_timeout: timeout (in seconds) for authentication
sasl_fail: action to perform if authentication fails
sasl_username: username (nick)
sasl_password: password
sasl_key: file with ECC private key (for mechanism ecdsa-nist256p-challenge)
You must generate a private key in order to authentify with the ECDSA-NIST256P-CHALLENGE mechanism (no password is required on connection).
You can generate the key with this command:
$ openssl ecparam -genkey -name prime256v1 >~/.weechat/ecdsa.pem
Get the public key (encoded as base64) with this command:
$ openssl ec -noout -text -conv_form compressed -in ~/.weechat/ecdsa.pem | grep ‘^pub:‘ -A 3 | tail -n 3 | tr -d ‘ \n:‘ | xxd -r -p | base64
Connect to the server, identify (for example with "nickserv identify") and set your public key in your account, using nickserv (replace the base64 value with your public key):
/connect freenode /msg nickserv identify your_password /msg nickserv set pubkey Av8k1FOGetUDq7sPMBfufSIZ5c2I/QYWgiwHtNXkVe/q
Configure the SASL options in the server:
/set irc.server.freenode.sasl_mechanism ecdsa-nist256p-challenge /set irc.server.freenode.sasl_username "your_nickname" /set irc.server.freenode.sasl_key "%h/ecdsa.pem"
Reconnect to the server:
/reconnect freenode
freenode configuration sasl authentication in weechat
标签:nbsp ssl cert nec www. recommend ase ons conf compress
原文地址:http://www.cnblogs.com/chjbbs/p/7290673.html