|
|
(One intermediate revision by one other user not shown) |
Line 1: |
Line 1: |
− | {{languages}}
| + | #REDIRECT [[Group:LibrePlanet Italia/miniguida-freenode.en]] |
− | | |
− | '''''Original version (in Italian) of this mini-guide: http://libreplanet.org/wiki/LibrePlanetItalia/miniguida-freenode'''''
| |
− | | |
− | ----
| |
− | | |
− | ''The information contained in this mini-guide is current as of: 17/11/2010.''
| |
− | | |
− | ''The text in this page was last modified on: {{REVISIONDAY}}/{{REVISIONMONTH}}/{{REVISIONYEAR}}.''
| |
− | | |
− | == Introduction ==
| |
− | | |
− | The [http://freenode.net/ <tt>freenode</tt>] network hosts a lot of [http://en.wikipedia.org/wiki/Internet_Relay_Chat IRC] channels dedicated to [http://www.gnu.org/philosophy/free-sw.html free software]: <tt>#gnu</tt>, <tt>#fsf</tt>, <tt>#libreplanet</tt>, <tt>#gnewsense</tt> and many others.
| |
− | | |
− | From January 30, 2010 <tt>freenode</tt> has [http://blog.freenode.net/2010/01/ircd-migration-sat-jan-30th-2010/ migrated] their servers from [http://blog.freenode.net/2010/01/migration-to-new-ircd/ from <tt>ircd</tt> to <tt>ircd-seven</tt>]. This led to several changes, including the possibility of connection in a safe and anonymous way via [http://en.wikipedia.org/wiki/Transport_Layer_Security <tt>SSL</tt>] or via [http://www.torproject.org/ <tt>Tor</tt>]+[http://en.wikipedia.org/wiki/Simple_Authentication_and_Security_Layer <tt>SASL</tt>]. These two methods (alternatives to one another) offer much more privacy and security in communication and authentication than the usual "clear" connection mode.
| |
− | | |
− | Here below is a brief description about how to configure [http://xchat.org/ <tt>XChat</tt>] (one of the best and most used <tt>IRC</tt> clients) to connect to <tt>freenode</tt> in different ways as possible (clear, via <tt>SSL</tt> and via <tt>Tor</tt>+<tt>SASL</tt>).
| |
− | | |
− | == Prerequisites ==
| |
− | | |
− | * A [http://www.gnu.org/distros/free-distros.html 100% free GNU/Linux] distribution, as is [http://www.gnewsense.org <tt>gNewSense</tt>] :-)
| |
− | * The [http://xchat.org/ <tt>XChat</tt>] (> = 2.8.4) package, properly installed
| |
− | *:Note: In the GNU/Linux distributions which use <tt>.deb</tt> packages (as <tt>gNewSense</tt>), <tt>XChat</tt> could be installed with the command:
| |
− | *:<code>$ sudo apt-get install xchat</code>
| |
− | | |
− | == XChat: clear connection to freenode ==
| |
− | | |
− | # From the <em>XChat</em> menu, open the <em>Network list</em> (Ctrl + S)
| |
− | # Click the <em>Add</em> button in order to create a new network and call it (with no spaces): <tt>FreeNode</tt>
| |
− | # Select the <tt>FreeNode</tt> network you just created and click on the <em>Edit</em> button to configure it as follows:
| |
− | #*in <em>Servers for …</em>, click on <em>Add</em> and set as server:
| |
− | #*:<code>irc.freenode.net/8001</code>
| |
− | #*in the same section, set:
| |
− | #*: - <em>Connect to selected server only</em>: do NOT check
| |
− | #*in the <em>Your Details</em> section, enter the values for <em>Nick name</em>, <em>User name</em> and <em>Real name</em>
| |
− | #*in the <em>Connecting</em> section set:
| |
− | #*: - <em>Auto connect …</em>: set as desired
| |
− | #*: - <em>Use a proxy server</em>: do NOT check
| |
− | #*: - <em>Use SSL for all the servers on this network</em>: do NOT check
| |
− | #*: - <em>Accept invalid SSL certificate</em>: do NOT check
| |
− | #*: - <em>Channels to join</em>: <tt>#libreplanet</tt>, <tt>#gnewsense</tt>, … other channels as you like, separated by commas, no spaces…
| |
− | #*: - <em>Connect command</em>: leave blank
| |
− | #*: - <em>Nickserv password</em>: leave blank
| |
− | #*: - <em>Server password</em>: to be set only if you are using a nickname registered and verified on <tt>freenode</tt>
| |
− | #*: - <em>Character set</em>: <tt>UTF-8</tt>
| |
− | | |
− | The configuration of this new <tt>FreeNode</tt> network will appear in the <code>/~.xchat2/servlist_.conf</code> file. It will be something as:
| |
− | <code>
| |
− | N=FreeNode
| |
− | I=mynickname
| |
− | U=mynickname
| |
− | R=mynickname
| |
− | P=mypassword
| |
− | J=#libreplanet,#gnewsense
| |
− | E=UTF-8 (Unicode)
| |
− | F=1
| |
− | D=0
| |
− | S=irc.freenode.net/8001
| |
− | </code>
| |
− | | |
− | After closing the setup windows, you can connect in clear to the <tt>FreeNode</tt> network you just created.
| |
− | | |
− | == XChat: SSL connection to freenode ==
| |
− | | |
− | # From the <em>XChat</em> menu, open the <em>Network list</em> (Ctrl + S)
| |
− | # Click the <em>Add</em> button in order to create a new network and call it (with no spaces): <tt>FreeNode-SSL</tt>
| |
− | # Select the <tt>FreeNode-SSL</tt> network you just created and click on the <em>Edit</em> button to configure it as follows:
| |
− | #*in <em>Servers for …</em>, click on <em>Add</em> and set as server:
| |
− | #*:<code>irc.freenode.net/7070</code>
| |
− | #*in the same section, set:
| |
− | #*: - <em>Connect to selected server only</em>: do NOT check
| |
− | #*in the <em>Your Details</em> section, enter the values for <em>Nick name</em>, <em>User name</em> and <em>Real name</em>
| |
− | #*in the <em>Connecting</em> section set:
| |
− | #*: - <em>Auto connect …</em>: set as desired
| |
− | #*: - <em>Use a proxy server</em>: do NOT check
| |
− | #*: - <em>Use SSL for all the servers on this network</em>: CHECK
| |
− | #*: - <em>Accept invalid SSL certificate</em>: CHECK
| |
− | #*: - <em>Channels to join</em>: <tt>#libreplanet</tt>, <tt>#gnewsense</tt>, … other channels as you like, separated by commas, no spaces…
| |
− | #*: - <em>Connect command</em>: leave blank
| |
− | #*: - <em>Nickserv password</em>: leave blank
| |
− | #*: - <em>Server password</em>: to be set only if you are using a nickname registered and verified on <tt>freenode</tt>
| |
− | #*: - <em>Character set</em>: <tt>UTF-8</tt>
| |
− | | |
− | The configuration of this new <tt>FreeNode-SSL</tt> network will appear in the <code>/~.xchat2/servlist_.conf</code> file. It will be something as:
| |
− | <code>
| |
− | N=FreeNode-SSL
| |
− | I=mynickname
| |
− | U=mynickname
| |
− | R=mynickname
| |
− | P=mypassword
| |
− | J=#libreplanet,#gnewsense
| |
− | E=UTF-8 (Unicode)
| |
− | F=37
| |
− | D=0
| |
− | S=irc.freenode.net/7070
| |
− | </code>
| |
− | | |
− | After closing the setup windows, you can connect via SSL to the <tt>FreeNode-SSL</tt> network you just created.
| |
− | | |
− | == XChat: Tor+SASL connection to freenode ==
| |
− | | |
− | Connecting to <tt>freenode</tt> by <tt>Tor</tt>+<tt>SASL</tt> requires the use of the new dedicated <tt>tor</tt> hidden service [irc://p4fsi4ockecnea7l.onion/ p4fsi4ockecnea7l.onion] (for details see: http://blog.freenode.net/2010/01/connecting-to-freenode-using-tor-sasl/ and http://freenode.net/irc_servers.shtml#tor) and also the use of <tt>SASL</tt> authentication mechanism that could be handled by <tt>XChat</tt>.
| |
− | | |
− | Consequently, this connection method is more complex and articulated than the previouses, as it requires the satisfaction of certain additional requirements:
| |
− | * <tt>Tor</tt> must be properly installed and its service must be running (it is *strongly* recommended that you install the latest version of the available packages from the official repositories of the [http://www.torproject.org <tt>tor</tt>] project, at: https://www.torproject.org/download/download-unix.html.en). <br />Togheter with <tt>tor</tt>, is also recommended the installation of the latest version of the <tt>polipo</tt> and <tt>geoipdb-tor</tt> packages. <br />For installation and configuration of <tt>tor</tt> see the [https://www.torproject.org/docs/tor-doc-unix.html.en official guide].
| |
− | * The system must have installed the support for <tt>SSL</tt> (install the <tt>openssl</tt> package) and also some libraries for encryption (<tt>libcrypt-openssl-bignum-perl</tt>, <tt>libcrypt-dh-perl</tt>, <tt>libcrypt-blowfish-perl</tt>). <br />Note - The required packages may differ depending on the system in use.
| |
− | * A registered and verified <tt>NickServ</tt> account on <tt>freenode</tt> is needed (for the registration procedure, see: http://freenode.net/faq.shtml#userregistration).
| |
− | | |
− | A specific script is needed to make the authentication and security <tt>SASL</tt> framework available to <tt>XChat</tt>. This script should be placed in the <code>~/.xchat2</code> directory, in order to be loaded when <tt>XChat</tt> is opened.
| |
− | | |
− | The <tt>SASL</tt> support in <tt>XChat</tt> could be obtained using the following commands:
| |
− | <code>
| |
− | $ cd ~/.xchat2
| |
− | $ wget http://adipose.attenuate.org/~stephen/ircd-seven/sasl/cap_sasl.py
| |
− | </code>
| |
− | Warning - This Python script seems to work fine, and is released under the GNU GPL license. <br />The Perl script available from <nowiki>http://freenode.net/sasl/</nowiki> do NOT seems working well with <tt>XChat</tt>.
| |
− | | |
− | Note - The help for the <tt>SASL</tt> command in <tt>XChat</tt> could be obtained typing: <code>/HELP SASL</code>
| |
− | | |
− | At this point, we can finally set <tt>XChat</tt>. Having to use <tt>tor</tt> unlike previous cases, now the client must be configured to use the proxy server.
| |
− | | |
− | # From the <em>Settings -> Preferences</em> menu, go to the <em>Network</em> category and open <em>Network setup</em> to configure it as follows:
| |
− | #*in the <em>Proxy server</em> section set:
| |
− | #*: - <em>Hostname</em>: <tt>localhost</tt>
| |
− | #*: - <em>Port</em>: <tt>9050</tt>
| |
− | #*: - <em>Type</em>: <tt>Sock5</tt>
| |
− | #*: - <em>Use proxy for</em>: <tt>All connections</tt>
| |
− | # From the <em>XChat</em> menu, open the <em>Network list</em> (Ctrl + S)
| |
− | # Click the <em>Add</em> button in order to create a new network and call it (with no spaces): <tt>FreeNode-TorSASL</tt>
| |
− | # Select the <tt>FreeNode-TorSASL</tt> network you just created and click on the <em>Edit</em> button to configure it as follows:
| |
− | #*in <em>Servers for …</em>, click on <em>Add</em> and set as server:
| |
− | #*:<code>p4fsi4ockecnea7l.onion</code>
| |
− | #*in the same section, set:
| |
− | #*: - <em>Connect to selected server only</em>: do NOT check
| |
− | #*in the <em>Your Details</em> section, enter the values for <em>Nick name</em>, <em>User name</em> and <em>Real name</em> <br />Warning - You must use a registered and verified <tt>NickServ</tt> account on <tt>freenode</tt> (for the registration procedure, see: http://freenode.net/faq.shtml#userregistration)
| |
− | #*in the <em>Connecting</em> section set:
| |
− | #*: - <em>Auto connect …</em>: set as desired
| |
− | #*: - <em>Use a proxy server</em>: CHECK
| |
− | #*: - <em>Use SSL for all the servers on this network</em>: do NOT check
| |
− | #*: - <em>Accept invalid SSL certificate</em>: do NOT check
| |
− | #*: - <em>Channels to join</em>: <tt>#libreplanet</tt>, <tt>#gnewsense</tt>, … other channels as you like, separated by commas, no spaces…
| |
− | #*: - <em>Connect command</em>: leave blank
| |
− | #*: - <em>Nickserv password</em>: leave blank
| |
− | #*: - <em>Server password</em>: set the password corresponding to the registered and verified <tt>NickServ</tt> account on <tt>freenode</tt> that you are using (see above)
| |
− | #*: - <em>Character set</em>: <tt>UTF-8</tt>
| |
− | # To ensure that the <tt>SASL</tt> framework is used by the <tt>FreeNode-TorSASL</tt> network, in the command area of <tt>XChat</tt> type the command:
| |
− | #:<code>/SASL -set FreeNode-TorSASL mynickname mypassword</code>
| |
− | #: where:
| |
− | #: - <code>FreeNode-TorSASL</code> is the name of the network for which <tt>SASL</tt> have to be used (Warning - Since it is case-sensitive, it must match *exactly* the name assigned to the network for which <tt>SASL</tt> have to be used)
| |
− | #: - <code>mynickname</code> is the nickname of the registered and verified <tt>NickServ</tt> account on <tt>freenode</tt> that you are using (see above)
| |
− | #: - <code>mypassword</code>: is the password of the registered and verified <tt>NickServ</tt> account on <tt>freenode</tt> that you are using (see above)
| |
− | # Close and reopen <tt>XChat</tt>
| |
− | | |
− | The configuration of this new <tt>FreeNode-TorSASL</tt> network will appear in the <code>/~.xchat2/servlist_.conf</code> file. It will be something as:
| |
− | <code>
| |
− | N=FreeNode-TorSASL
| |
− | I=mynickname
| |
− | U=mynickname
| |
− | R=mynickname
| |
− | P=mypassword
| |
− | J=#libreplanet,#gnewsense
| |
− | E=UTF-8 (Unicode)
| |
− | F=17
| |
− | D=0
| |
− | S=p4fsi4ockecnea7l.onion
| |
− | </code>
| |
− | | |
− | The correspondence between the <tt>FreeNode-TorSASL</tt> network and the <tt>SASL</tt> framework will result in a special section within the <code>~/.xchat2/sasl.conf</code> file. It will be something as:
| |
− | <code>
| |
− | [FreeNode-TorSASL]
| |
− | nick = mynickname
| |
− | password = mypassword
| |
− | mechanism = PLAIN
| |
− | </code>
| |
− | To increase security, it is *strongly recommended* to replace in this file the line:
| |
− | <code>
| |
− | mechanism = PLAIN
| |
− | </code>
| |
− | with:
| |
− | <code>
| |
− | mechanism = DH-BLOWFISH
| |
− | </code>
| |
− | | |
− | You can now connect via <tt>Tor</tt>+<tt>SASL</tt> to the <tt>FreeNode-TorSASL</tt> network you just created.
| |
− | | |
− | Note: In some circumstances, probably due to the latency of the <tt>tor</tt> network, the connection might be slow or difficult.
| |
− | | |
− | | |
− | ----
| |
− | ''[ Document edited by: [[User:Alexus|alexus]] ]''
| |