Group: LibrePlanet Italia/miniguida-freenode.en

The information contained in this mini-guide is current as of: 13/09/2011.

The text in this page was last modified on: 13/09/2011.

Introduction

The freenode network hosts a lot of IRC channels dedicated to free software: #gnu, #fsf, #libreplanet, #gnewsense and many others.

From January 30, 2010 freenode has migrated their servers from from ircd to ircd-seven. This led to several changes, including the possibility of connection in a safe and anonymous way via SSL or via Tor+SASL. These two methods (alternatives to one another) offer much more privacy and security in communication and authentication than the usual "clear" connection mode.

Here below is a brief description about how to configure XChat (one of the best and most used IRC clients) to connect to freenode in different ways as possible (clear, via SSL and via Tor+SASL).

Prerequisites

• A 100% free GNU/Linux distribution, as is gNewSense :-)
• The XChat (> = 2.8.4) package, properly installed

  Note: In the GNU/Linux distributions which use .deb packages (as gNewSense), XChat could be installed with the command:

  $ sudo apt-get install xchat

XChat: clear connection to freenode

1. From the XChat menu, open the Network list (Ctrl + S)
2. Click the Add button in order to create a new network and call it (with no spaces): FreeNode
3. Select the FreeNode network you just created and click on the Edit button to configure it as follows:
   • in Servers for …, click on Add and set as server:

     irc.freenode.net/8001

   • in the same section, set:

     - Connect to selected server only: do NOT check

   • in the Your Details section, enter the values for Nick name, User name and Real name
   • in the Connecting section set:

     - Auto connect …: set as desired

     - Use a proxy server: do NOT check

     - Use SSL for all the servers on this network: do NOT check

     - Accept invalid SSL certificate: do NOT check

     - Channels to join: #libreplanet, #gnewsense, … other channels as you like, separated by commas, no spaces…

     - Connect command: leave blank

     - Nickserv password: leave blank

     - Server password: to be set only if you are using a nickname registered and verified on freenode

     - Character set: UTF-8

The configuration of this new FreeNode network will appear in the /~.xchat2/servlist_.conf file. It will be something as:

       N=FreeNode
       I=mynickname
       U=mynickname
       R=mynickname
       P=mypassword
       J=#libreplanet,#gnewsense
       E=UTF-8 (Unicode)
       F=1
       D=0
       S=irc.freenode.net/8001

After closing the setup windows, you can connect in clear to the FreeNode network you just created.

XChat: SSL connection to freenode

1. From the XChat menu, open the Network list (Ctrl + S)
2. Click the Add button in order to create a new network and call it (with no spaces): FreeNode-SSL
3. Select the FreeNode-SSL network you just created and click on the Edit button to configure it as follows:
   • in Servers for …, click on Add and set as server:

     irc.freenode.net/7070

   • in the same section, set:

     - Connect to selected server only: do NOT check

   • in the Your Details section, enter the values for Nick name, User name and Real name
   • in the Connecting section set:

     - Auto connect …: set as desired

     - Use a proxy server: do NOT check

     - Use SSL for all the servers on this network: CHECK

     - Accept invalid SSL certificate: CHECK

     - Channels to join: #libreplanet, #gnewsense, … other channels as you like, separated by commas, no spaces…

     - Connect command: leave blank

     - Nickserv password: leave blank

     - Server password: to be set only if you are using a nickname registered and verified on freenode

     - Character set: UTF-8

The configuration of this new FreeNode-SSL network will appear in the /~.xchat2/servlist_.conf file. It will be something as:

       N=FreeNode-SSL
       I=mynickname
       U=mynickname
       R=mynickname
       P=mypassword
       J=#libreplanet,#gnewsense
       E=UTF-8 (Unicode)
       F=37
       D=0
       S=irc.freenode.net/7070

After closing the setup windows, you can connect via SSL to the FreeNode-SSL network you just created.

XChat: Tor+SASL connection to freenode

Connecting to freenode by Tor+SASL requires the use of the new dedicated tor hidden service p4fsi4ockecnea7l.onion (for details see: http://blog.freenode.net/2010/01/connecting-to-freenode-using-tor-sasl/ and http://freenode.net/irc_servers.shtml#tor) and also the use of SASL authentication mechanism that could be handled by XChat.

Consequently, this connection method is more complex and articulated than the previouses, as it requires the satisfaction of certain additional requirements:

• Tor must be properly installed and its service must be running. It is *strongly* recommended that you install the latest version of the available packages from the official repositories of the tor project, at: https://www.torproject.org/download/download-unix.html.en).
  Warning - For installation and configuration of tor see the official guide (it is also recommended the installation of the vidalia and geoipdb-tor packages).
  
• The system must have installed the support for SSL (install the openssl package) and also some libraries for encryption (libcrypt-openssl-bignum-perl, libcrypt-dh-perl, libcrypt-blowfish-perl).
  Note: The required packages for SSL may differ depending on the system in use.
• A registered and verified NickServ account on freenode is needed (for the registration procedure, see: http://freenode.net/faq.shtml#userregistration).
• You must have an appropriate framework for SASL authentication and security in XChat (which can be implemented using a specific script placed in the directory ~/.Xchat2, to be loaded each time XChat is opened).

A convenient way to implement SASL support in XChat is obtained using the following commands to download and install a specific Perl script (released under GNU GPL) made available directly from freenode:

       $ cd ~/.xchat2
       $ wget http://freenode.net/sasl/cap_sasl_xchat.pl

Warning - Python version of this script does NOT seem to work with Debian and its derivatives (see: http://freenode.net/sasl/README.txt).

Once these requirements have been fulfilled, we can finally configure XChat. Having to use tor unlike previous cases, now the client must be configured to use the proxy server.

1. From the Settings -> Preferences menu, go to the Network category and open Network setup to configure it as follows:
   • in the Proxy server section set:

     - Hostname: localhost

     - Port: 9050

     - Type: Sock5

     - Use proxy for: All connections

2. From the XChat menu, open the Network list (Ctrl + S)
3. Click the Add button in order to create a new network and call it (with no spaces): FreeNode-TorSASL
4. Select the FreeNode-TorSASL network you just created and click on the Edit button to configure it as follows:
   • in Servers for …, click on Add and set as server:

     p4fsi4ockecnea7l.onion

   • in the same section, set:

     - Connect to selected server only: do NOT check

   • in the Your Details section, enter the values for Nick name, User name and Real name
     Warning - You must use a registered and verified NickServ account on freenode (for the registration procedure, see: http://freenode.net/faq.shtml#userregistration)
   • in the Connecting section set:

     - Auto connect …: set as desired

     - Use a proxy server: CHECK

     - Use SSL for all the servers on this network: do NOT check

     - Accept invalid SSL certificate: do NOT check

     - Channels to join: #libreplanet, #gnewsense, … other channels as you like, separated by commas, no spaces…

     - Connect command: leave blank

     - Nickserv password: leave blank

     - Server password: set the password corresponding to the registered and verified NickServ account on freenode that you are using (see above)

     - Character set: UTF-8

5. To ensure that the SASL framework is used by the FreeNode-TorSASL network, in the command area of XChat type the command:

   /SASL set FreeNode-TorSASL mynickname mypassword mechanism

   where:

   - FreeNode-TorSASL is the name of the network for which SASL have to be used

   - mynickname is the nickname of the registered and verified NickServ account on freenode that you are using (see above)

   - mypassword: is the password of the registered and verified NickServ account on freenode that you are using (see above)

   - mechanism: is the authentication mechanism to be used (for safety reasons, it is *strongly* recommended to set this parameter as: DH-BLOWFISH)

6. To avoid having to type the above command each time you start XChat, save the SASL configuration typing in XChat the command:

   /SASL save

   Note: To view the help on the SASL command, type in XChat the command: /HELP SASL

7. Close and reopen XChat.

The configuration of this new FreeNode-TorSASL network will appear in the /~.xchat2/servlist_.conf file. It will be something as:

       N=FreeNode-TorSASL
       I=mynickname
       U=mynickname
       R=mynickname
       P=mypassword
       J=#libreplanet,#gnewsense
       E=UTF-8 (Unicode)
       F=17
       D=0
       S=p4fsi4ockecnea7l.onion

The parameters for the SASL authentication will result (if saved) in the ~/.xchat2/sasl.auth file.

You can now connect via Tor+SASL to the FreeNode-TorSASL network you just created.

Note: In some circumstances, probably due to the latency of the tor network, the connection might be slow or difficult (in this case it may be useful to modify the script cap_sasl_xchat.pl to increase the duration of the authentication time-out).

[ Document edited by: alexus ]