Group: LibrePlanet Italia/miniguida-freenode.en
m (Fixed changed link to sasl script) |
m (Added a warning about user name in Tor+SASL connection) |
||
(8 intermediate revisions by 3 users not shown) | |||
Line 1: | Line 1: | ||
{{Languages|master page=miniguida-freenode|language=en}} | {{Languages|master page=miniguida-freenode|language=en}} | ||
− | ''The information contained in this mini-guide is current as of: | + | ''The information contained in this mini-guide is current as of: 27/10/2020.'' |
''The text in this page was last modified on: {{REVISIONDAY}}/{{REVISIONMONTH}}/{{REVISIONYEAR}}.'' | ''The text in this page was last modified on: {{REVISIONDAY}}/{{REVISIONMONTH}}/{{REVISIONYEAR}}.'' | ||
Line 7: | Line 7: | ||
== Introduction == | == Introduction == | ||
− | The [http://freenode.net/ <tt>freenode</tt>] network hosts a lot of [ | + | The <strong>[http://freenode.net/ <tt>freenode</tt>]</strong> network hosts a lot of <tt>IRC</tt> ([https://en.wikipedia.org/wiki/Internet_Relay_Chat Internet Relay Chat]) channels dedicated to [http://www.gnu.org/philosophy/free-sw.it.html free software]: <tt>#gnu</tt>, <tt>#fsf</tt>, <tt>#libreplanet</tt> and many others. |
− | + | Users can login to <tt>freenode</tt> using an anonymous nickname or using a registered and verified <tt>NickServ</tt> account.<ref name="nickname_registration">[https://freenode.net/kb/answer/registration Nickname Registration on <tt>freenode</tt>]</ref> | |
− | + | IRC clients can connect to <tt>freenode</tt> using the common ways: | |
+ | * <strong>[https://simple.wikipedia.org/wiki/Cleartext <tt>plain–text</tt>]</strong> (unencrypted, on ports 6665-6667 and 8000-8002, with or without a registered account))<ref name="freenode_conn">[https://freenode.net/kb/answer/chat Connecting to <tt>freenode</tt>]</ref> | ||
+ | * <strong>[https://en.wikipedia.org/wiki/Transport_Layer_Security <tt>TLS–encrypted</tt>]</strong> (encrypted channel, on ports 6697, 7000 and 7070, with or without a registered account)<ref name="tls_conn">[https://freenode.net/kb/answer/chat#accessing-freenode-via-tls Accessing <tt>freenode</tt> via <tt>TLS</tt>]</ref> | ||
+ | |||
+ | Using a registered account, you can also: | ||
+ | * log in into <tt>freenode</tt> via <strong>[https://en.wikipedia.org/wiki/Simple_Authentication_and_Security_Layer <tt>SASL</tt>]</strong>.<ref name="sasl_conn">[https://freenode.net/kb/answer/sasl Connecting to <tt>freenode</tt> with <tt>SASL</tt>]</ref><br /><tt>SASL</tt> authentication allows registered accounts to authenticate to services (<tt>NickServ</tt>) during the logon process, eliminating the need to identify themselves later (using the <tt>IRC</tt> command: <tt>/msg NickServ identify <password></tt>) | ||
+ | * connect to <tt>freenode</tt> via <strong>[http://www.torproject.org/ <tt>Tor</tt>]</strong> with <tt>SASL EXTERNAL</tt> authentication via certificate–based <tt>TLS</tt>.<ref name="tor_conn">[https://freenode.net/kb/answer/chat#accessing-freenode-via-tor Accessing <tt>freenode</tt> via <tt>Tor</tt>]</ref><br />This mode (introduced in May 2019) uses the [https://trac.torproject.org/projects/tor/wiki/doc/NextGenOnions Next Gen Onion] protocol<ref name="next_gen_tor">[https://freenode.net/news/torv3 Freenode Next Gen Tor Hidden Service]</ref> and ensures a much greater degree of security and privacy | ||
+ | |||
+ | The procedures for configuring the <strong>[https://hexchat.github.io/ <tt>HexChat</tt>]</strong> <tt>IRC</tt> client for the different ways of connecting to <tt>freenode</tt> are summarized below. | ||
+ | |||
+ | <tt>HexChat</tt> is a fork of [http://xchat.org/ <tt>XChat</tt>] (no longer actively developed for many years) and is released under the [https://www.gnu.org/licenses/old-licenses/gpl-2.0.html <tt>GPL2</tt>] license. | ||
== Prerequisites == | == Prerequisites == | ||
− | * A [http://www.gnu.org/ | + | * A [http://www.gnu.org/ GNU/Linux] distribution :-) |
− | * The [http://xchat.org/ <tt>XChat</tt>] (> = 2.8.4) package, properly installed | + | * The [http://xchat.org/ <tt>XChat</tt>] (> = 2.8.4) package, properly installed on the system (the configurations described in this guide have been tested on version 2.14.2)<br />Note — In distributions using <tt>deb</tt> packages, <tt>HexChat</tt> is installed with the command: <br /><code>$ sudo apt-get install hexchat</code> |
− | *:Note | + | * To verify server certificates when connecting with <tt>TLS</tt> protocol, the system must have an up-to-date set of <em>root CA certificates</em> (otherwise, the root certificate is downloaded from [https://letsencrypt.org/certificates/ LetsEncrypt]).<br />Note — In distributions using <tt>deb</tt> packages, installing the package called <tt>ca-certificates</tt> or similar should be sufficient. |
− | + | * To use <tt>SASL</tt> authentication with a registered and verified <tt>freenode</tt> <tt>NickServ</tt> account, the system must have <tt>TLS</tt> support (install the <tt>openssl</tt> package) and the related encryption libraries. <br />Warning — The packages required for <tt>TLS</tt> support may differ depending on your system. | |
− | + | * To use the connection mode via <tt>Tor + SASL</tt>, <tt>Tor</tt> must be properly installed and its service must be running. <br />Warning — It is strongly recommended to install an updated version of <tt>Tor</tt> (see the official [http://www.torproject.org <tt>Tor project</tt>] repositories). At least <tt>Tor</tt> >= 0.3.5 is required. <br />Note — For the installation and configuration of <tt>Tor</tt>, please see the relevant [https://www.torproject.org/docs/tor-doc-unix.html.en official guide]. | |
− | = | ||
− | + | == HexChat: <em>Plain–text</em> or <em>TSL–encrypted</em> connection == | |
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | + | # From the <em>HexChat</em> menu in <tt>HexChat</tt>, open the <em>Network List</em> window (Ctrl+S) <br />Note — In this window it is possible to enter the "global" user information that can eventually be used for all the networks in the list (<em>Nick name</em>, <em>Second choice</em>, <em>Real name</em>, <em>User name</em>) | |
− | < | + | # Click on the <em>Add</em> button to create a new network, giving it a suitable identifier (eg <tt>FreeNode</tt>) |
− | + | # Select the network you just created and click on the <em>Edit…</em> button | |
− | + | #* select the <em>Servers</em> tab | |
− | + | #* click on the <em>Add</em> button and set the server:<ref name="freenode_conn" /> <br /><code>chat.freenode.net</code> | |
− | + | # Set the connection parameters: | |
− | + | #* <em>Connect to selected server olny</em>: DO NOT CHECK | |
− | + | #* <em>Connect to this network automatically</em>: set as desired | |
− | + | #* <em>Bypass proxy server</em>: CHECK <br />Note — Depending on the local network configuration in use, it may be necessary to NOT CHECK | |
− | + | #* <em>Use SSL for all the servers on this network</em>: CHECK<br />Note — This sets <tt>TSL–encrypted</tt><ref name="tls_conn" /> mode (recommended) instead of <tt>plain–text</tt> | |
− | + | #* <em>Accept invalid SSL certificates</em>: DO NOT CHECK | |
− | + | # Enter user information specific to this connection <br />(or CHECK the <em>Use global user information</em> box to use any "global" user information defined in the <em>Network List</em> window) | |
− | </ | + | # Enter the parameters for authentication: |
+ | #* to log in with a generic nickname (without a registered account): | ||
+ | #** <em>Login method</em>: <tt>Default</tt> | ||
+ | #** <em>Password</em>: leave blank | ||
+ | #* to log in with a registered <tt>NickServ</tt> account: | ||
+ | #** <em>Login method</em>: <tt>NickServ (/MSG NickServ + password)</tt> | ||
+ | #** <em>Password</em>: set with the password corresponding to the <em>User name</em> of the registered <tt>NickServ</tt> account | ||
+ | #* to log in via <tt>SASL</tt> with a registered <tt>NickServ</tt> account<ref name="sasl_conn" />: | ||
+ | #** <em>Login method</em>: <tt>SASL (username + password)</tt> | ||
+ | #** <em>Password</em>: set with the password corresponding to the <em>User name</em> of the registered <tt>NickServ</tt> account | ||
+ | # Set the character set to use: | ||
+ | #* <em>Character set</em>: <tt>UTF-8</tt> | ||
+ | # By selecting the <em>Autojoin channels</em> tab, you can also add a list of channels that will be automatically accessed once connected. | ||
− | |||
− | + | Once the <em>Network List</em> window is closed, you can connect to the newly created <tt>freenode</tt> network. | |
− | + | The configuration of the new <tt>freenode</tt> network will appear in the <code>~/.config/hexchat/servlist.conf</code> file and will look like this: | |
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | + | * <tt>TSL–encrypted</tt> mode without authentication (without a registered account): | |
− | < | + | <pre> |
− | + | N=FreeNode | |
− | + | I=mynickname | |
− | + | i=mynickname_secondary | |
− | + | U=myusername | |
− | + | R=myrealname | |
− | + | E=UTF-8 (Unicode) | |
− | + | F=6 | |
− | + | D=0 | |
− | + | S=chat.freenode.net | |
− | + | </pre> | |
− | </ | ||
− | + | * <tt>TSL–encrypted</tt> mode with <tt>NickServ</tt> authentication: | |
+ | <pre> | ||
+ | N=FreeNode | ||
+ | I=mynickname | ||
+ | i=mynickname_secondary | ||
+ | U=myusername | ||
+ | R=myrealname | ||
+ | P=mypassword | ||
+ | L=1 | ||
+ | E=UTF-8 (Unicode) | ||
+ | F=6 | ||
+ | D=0 | ||
+ | S=chat.freenode.net | ||
+ | </pre> | ||
− | == | + | * <tt>TSL–encrypted</tt> mode with <tt>SASL</tt> authentication: |
+ | <pre> | ||
+ | N=FreeNode | ||
+ | I=mynickname | ||
+ | i=mynickname_secondary | ||
+ | U=myusername | ||
+ | R=myrealname | ||
+ | P=mypassword | ||
+ | L=6 | ||
+ | E=UTF-8 (Unicode) | ||
+ | F=71 | ||
+ | D=1 | ||
+ | S=chat.freenode.net | ||
+ | </pre> | ||
− | + | == HexChat: Connection via <tt>Tor+SASL</tt> == | |
− | + | The connection to <tt>freenode</tt> via <tt>Tor</tt>+<tt>SASL</tt> takes place through a <tt>Tor</tt> hidden service (that uses the recent [https://trac.torproject.org/projects/tor/wiki/doc/NextGenOnions Next Gen Onion] protocol):<br /><code>ajnvpgl6prmkb7yktvue6im5wiedlz2w32uhcwaamdiecdrfpwwgnlqd.onion</code> | |
− | |||
− | |||
− | |||
− | + | To avoid any abuse, the service offered by <tt>freenode</tt> requires a registered and verified <tt>NickServ</tt> account, which must be authenticated in <tt>SASL EXTERNAL</tt> (or <tt>ECDSA-NIST256P-CHALLENGE</tt>) mode via <tt>TLS&ndashencrypted</tt> using a special certificate associated with the same account.<ref name="tor_conn" /> | |
− | + | To be able to connect to <tt>freenode</tt> via <tt>Tor</tt>+<tt>SASL</tt> it is therefore necessary to satisfy some additional prerequisites: | |
− | < | + | # have a registered and verified <tt>NickServ</tt> <tt>freenode</tt> account <ref name="nickname_registration" /> |
− | + | # associate a specific <tt>TLS</tt> certificate to the same account<ref name="certfp">[https://freenode.net/kb/answer/certfp <tt>CertFP</tt> certificate]</ref> | |
− | |||
− | </ | ||
− | |||
− | |||
− | + | A convenient way to prepare and associate the certificate is the procedure described below<ref name="certfp" />: | |
+ | * create the certificate and view its fingerprint by executing the commands from the terminal:<br /> | ||
+ | <pre> | ||
+ | $ openssl req -x509 -new -newkey rsa:4096 -sha256 -days 1096 -nodes -out freenode.pem -keyout freenode.pem | ||
+ | $ openssl x509 -in freenode.pem -outform der | sha1sum -b | cut -d' ' -f1 | ||
+ | </pre> | ||
+ | : Attention - The certificate is valid for about 3 years. It will therefore have to be regenerated upon expiration. | ||
+ | * make the certificate available to <tt>HexChat</tt>, by running the commands from the terminal:<br /> | ||
+ | <pre> | ||
+ | $ mkdir ~/.config/hexchat/certs/ | ||
+ | $ mv freenode.pem ~/.config/hexchat/certs/freenode.pem | ||
+ | </pre> | ||
+ | * log into <tt>freenode</tt> using the <tt>TSL–encrypted</tt> mode described above | ||
+ | * associate the certificate to the registered account by running the <tt>IRC</tt> command: <br /> | ||
+ | <pre> | ||
+ | /msg NickServ CERT ADD <fingerprint> | ||
+ | </pre> | ||
+ | : where <tt><fingerprint></tt> must be replaced with the certificate fingerprint as shown above. | ||
− | + | Of course, <tt>HexChat</tt> must also be configured appropriately (note that, in this case, the client must be configured to use the local <tt>Tor</tt> proxy): | |
− | # | + | # From the <em>HexChat</em> menu in <tt>HexChat</tt>, open the <em>Network List</em> window (Ctrl+S) <br />Note — In this window it is possible to enter the "global" user information that can eventually be used for all the networks in the list (<em>Nick name</em>, <em>Second choice</em>, <em>Real name</em>, <em>User name</em>) |
− | + | # Click on the <em>Add</em> button to create a new network, giving it a suitable identifier (eg <tt>FreeNode-Tor</tt>) | |
− | + | # Select the network you just created and click on the <em>Edit…</em> button | |
− | + | #* select the <em>Servers</em> tab | |
− | + | #* click on the <em>Add</em> button and set the server: <br /><code>ajnvpgl6prmkb7yktvue6im5wiedlz2w32uhcwaamdiecdrfpwwgnlqd.onion</code> | |
− | + | # Set the connection parameters: | |
− | # Click the <em>Add</em> button | + | #* <em>Connect to selected server olny</em>: CHECK |
− | # Select the | + | #* <em>Connect to this network automatically</em>: set as desired |
− | #* | + | #* <em>Bypass proxy server</em>: DO NOT CHECK (in order to use the local <tt>Tor</tt> proxy) |
− | + | #* <em>Use SSL for all the servers on this network</em>: CHECK (to set <tt>TSL–encrypted</tt> mode) | |
− | # | + | #* <em>Accept invalid SSL certificates</em>: DO NOT CHECK |
− | #* | + | # Enter user information specific to this connection (or CHECK the <em>Use global user information</em> box to use any "global" user information defined in the <em>Network List</em> window)<br />Warning — The resulting <em>User name</em> must be that of the registered <tt>NickServ</tt> account! |
− | #* | + | # Enter the parameters for authentication: |
− | #* | + | #* <em>Login method</em>: <tt>SASL EXTERNAL (cert)</tt> |
− | + | #* <em>Password</em>: field disabled (the certificate associated with the registered <tt>NickServ</tt> account will be used) | |
− | + | # Set the character set to use: | |
− | #* | + | #* <em>Character set</em>: <tt>UTF-8</tt> |
− | #* | + | # By selecting the <em>Autojoin channels</em> tab, you can also add a list of channels that will be automatically accessed once connected. |
− | # | ||
− | |||
− | |||
− | |||
− | #* | ||
− | |||
− | # | ||
− | |||
− | |||
− | #: | ||
− | # | ||
− | # | ||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | The | + | The configuration of the new <tt>freenode</tt> network will appear in the <code>~/.config/hexchat/servlist.conf</code> file and will look like this: |
− | < | + | <pre> |
− | + | N=FreeNode-Tor | |
− | + | I=mynickname | |
− | + | i=mynickname_secondary | |
− | + | U=myusername | |
− | + | R=myrealname | |
− | + | L=10 | |
− | + | E=UTF-8 (Unicode) | |
− | + | F=118 | |
− | + | D=0 | |
− | + | S=ajnvpgl6prmkb7yktvue6im5wiedlz2w32uhcwaamdiecdrfpwwgnlqd.onion | |
− | + | </pre> | |
− | |||
− | </ | ||
− | You can now connect via <tt>Tor</tt>+<tt>SASL</tt> to the | + | You can now connect via <tt>Tor</tt>+<tt>SASL</tt> to the newly created network. |
− | + | == References == | |
+ | <references /> | ||
---- | ---- | ||
''[ Document edited by: [[User:Alexus|alexus]] ]'' | ''[ Document edited by: [[User:Alexus|alexus]] ]'' |
Latest revision as of 15:37, 28 October 2020
The information contained in this mini-guide is current as of: 27/10/2020.
The text in this page was last modified on: 28/10/2020.
Contents
Introduction
The freenode network hosts a lot of IRC (Internet Relay Chat) channels dedicated to free software: #gnu, #fsf, #libreplanet and many others.
Users can login to freenode using an anonymous nickname or using a registered and verified NickServ account.[1]
IRC clients can connect to freenode using the common ways:
- plain–text (unencrypted, on ports 6665-6667 and 8000-8002, with or without a registered account))[2]
- TLS–encrypted (encrypted channel, on ports 6697, 7000 and 7070, with or without a registered account)[3]
Using a registered account, you can also:
- log in into freenode via SASL.[4]
SASL authentication allows registered accounts to authenticate to services (NickServ) during the logon process, eliminating the need to identify themselves later (using the IRC command: /msg NickServ identify <password>) - connect to freenode via Tor with SASL EXTERNAL authentication via certificate–based TLS.[5]
This mode (introduced in May 2019) uses the Next Gen Onion protocol[6] and ensures a much greater degree of security and privacy
The procedures for configuring the HexChat IRC client for the different ways of connecting to freenode are summarized below.
HexChat is a fork of XChat (no longer actively developed for many years) and is released under the GPL2 license.
Prerequisites
- A GNU/Linux distribution :-)
- The XChat (> = 2.8.4) package, properly installed on the system (the configurations described in this guide have been tested on version 2.14.2)
Note — In distributions using deb packages, HexChat is installed with the command:$ sudo apt-get install hexchat
- To verify server certificates when connecting with TLS protocol, the system must have an up-to-date set of root CA certificates (otherwise, the root certificate is downloaded from LetsEncrypt).
Note — In distributions using deb packages, installing the package called ca-certificates or similar should be sufficient. - To use SASL authentication with a registered and verified freenode NickServ account, the system must have TLS support (install the openssl package) and the related encryption libraries.
Warning — The packages required for TLS support may differ depending on your system. - To use the connection mode via Tor + SASL, Tor must be properly installed and its service must be running.
Warning — It is strongly recommended to install an updated version of Tor (see the official Tor project repositories). At least Tor >= 0.3.5 is required.
Note — For the installation and configuration of Tor, please see the relevant official guide.
HexChat: Plain–text or TSL–encrypted connection
- From the HexChat menu in HexChat, open the Network List window (Ctrl+S)
Note — In this window it is possible to enter the "global" user information that can eventually be used for all the networks in the list (Nick name, Second choice, Real name, User name) - Click on the Add button to create a new network, giving it a suitable identifier (eg FreeNode)
- Select the network you just created and click on the Edit… button
- select the Servers tab
- click on the Add button and set the server:[2]
chat.freenode.net
- Set the connection parameters:
- Connect to selected server olny: DO NOT CHECK
- Connect to this network automatically: set as desired
-
Bypass proxy server: CHECK
Note — Depending on the local network configuration in use, it may be necessary to NOT CHECK -
Use SSL for all the servers on this network: CHECK
Note — This sets TSL–encrypted[3] mode (recommended) instead of plain–text - Accept invalid SSL certificates: DO NOT CHECK
- Enter user information specific to this connection
(or CHECK the Use global user information box to use any "global" user information defined in the Network List window) - Enter the parameters for authentication:
- to log in with a generic nickname (without a registered account):
- Login method: Default
- Password: leave blank
- to log in with a registered NickServ account:
- Login method: NickServ (/MSG NickServ + password)
- Password: set with the password corresponding to the User name of the registered NickServ account
- to log in via SASL with a registered NickServ account[4]:
- Login method: SASL (username + password)
- Password: set with the password corresponding to the User name of the registered NickServ account
- to log in with a generic nickname (without a registered account):
- Set the character set to use:
- Character set: UTF-8
- By selecting the Autojoin channels tab, you can also add a list of channels that will be automatically accessed once connected.
Once the Network List window is closed, you can connect to the newly created freenode network.
The configuration of the new freenode network will appear in the ~/.config/hexchat/servlist.conf
file and will look like this:
- TSL–encrypted mode without authentication (without a registered account):
N=FreeNode I=mynickname i=mynickname_secondary U=myusername R=myrealname E=UTF-8 (Unicode) F=6 D=0 S=chat.freenode.net
- TSL–encrypted mode with NickServ authentication:
N=FreeNode I=mynickname i=mynickname_secondary U=myusername R=myrealname P=mypassword L=1 E=UTF-8 (Unicode) F=6 D=0 S=chat.freenode.net
- TSL–encrypted mode with SASL authentication:
N=FreeNode I=mynickname i=mynickname_secondary U=myusername R=myrealname P=mypassword L=6 E=UTF-8 (Unicode) F=71 D=1 S=chat.freenode.net
HexChat: Connection via Tor+SASL
The connection to freenode via Tor+SASL takes place through a Tor hidden service (that uses the recent Next Gen Onion protocol):ajnvpgl6prmkb7yktvue6im5wiedlz2w32uhcwaamdiecdrfpwwgnlqd.onion
To avoid any abuse, the service offered by freenode requires a registered and verified NickServ account, which must be authenticated in SASL EXTERNAL (or ECDSA-NIST256P-CHALLENGE) mode via TLS&ndashencrypted using a special certificate associated with the same account.[5]
To be able to connect to freenode via Tor+SASL it is therefore necessary to satisfy some additional prerequisites:
- have a registered and verified NickServ freenode account [1]
- associate a specific TLS certificate to the same account[7]
A convenient way to prepare and associate the certificate is the procedure described below[7]:
- create the certificate and view its fingerprint by executing the commands from the terminal:
$ openssl req -x509 -new -newkey rsa:4096 -sha256 -days 1096 -nodes -out freenode.pem -keyout freenode.pem $ openssl x509 -in freenode.pem -outform der | sha1sum -b | cut -d' ' -f1
- Attention - The certificate is valid for about 3 years. It will therefore have to be regenerated upon expiration.
- make the certificate available to HexChat, by running the commands from the terminal:
$ mkdir ~/.config/hexchat/certs/ $ mv freenode.pem ~/.config/hexchat/certs/freenode.pem
- log into freenode using the TSL–encrypted mode described above
- associate the certificate to the registered account by running the IRC command:
/msg NickServ CERT ADD <fingerprint>
- where <fingerprint> must be replaced with the certificate fingerprint as shown above.
Of course, HexChat must also be configured appropriately (note that, in this case, the client must be configured to use the local Tor proxy):
- From the HexChat menu in HexChat, open the Network List window (Ctrl+S)
Note — In this window it is possible to enter the "global" user information that can eventually be used for all the networks in the list (Nick name, Second choice, Real name, User name) - Click on the Add button to create a new network, giving it a suitable identifier (eg FreeNode-Tor)
- Select the network you just created and click on the Edit… button
- select the Servers tab
- click on the Add button and set the server:
ajnvpgl6prmkb7yktvue6im5wiedlz2w32uhcwaamdiecdrfpwwgnlqd.onion
- Set the connection parameters:
- Connect to selected server olny: CHECK
- Connect to this network automatically: set as desired
- Bypass proxy server: DO NOT CHECK (in order to use the local Tor proxy)
- Use SSL for all the servers on this network: CHECK (to set TSL–encrypted mode)
- Accept invalid SSL certificates: DO NOT CHECK
- Enter user information specific to this connection (or CHECK the Use global user information box to use any "global" user information defined in the Network List window)
Warning — The resulting User name must be that of the registered NickServ account! - Enter the parameters for authentication:
- Login method: SASL EXTERNAL (cert)
- Password: field disabled (the certificate associated with the registered NickServ account will be used)
- Set the character set to use:
- Character set: UTF-8
- By selecting the Autojoin channels tab, you can also add a list of channels that will be automatically accessed once connected.
The configuration of the new freenode network will appear in the ~/.config/hexchat/servlist.conf
file and will look like this:
N=FreeNode-Tor I=mynickname i=mynickname_secondary U=myusername R=myrealname L=10 E=UTF-8 (Unicode) F=118 D=0 S=ajnvpgl6prmkb7yktvue6im5wiedlz2w32uhcwaamdiecdrfpwwgnlqd.onion
You can now connect via Tor+SASL to the newly created network.
References
[ Document edited by: alexus ]