zoukankan      html  css  js  c++  java
  • freenode configuration sasl authentication in weechat

    转自:https://www.weechat.org/files/doc/stable/weechat_user.en.html#irc_sasl_authentication

     SASL authentication

    WeeChat supports SASL authentication, using different mechanisms:

    • plain: plain text password (default)

    • ecdsa-nist256p-challenge: challenge with public/private key

    • external: client side SSL cert

    • dh-blowfish: blowfish encrypted password (insecure, not recommended)

    • dh-aes: AES encrypted password (insecure, not recommended)

      The "gcrypt" library is required when compiling WeeChat in order to use "dh-blowfish" and "dh-aes" mechanisms (see dependencies).

    Options in servers are:

    • sasl_mechanism: mechanism to use (see above)

    • sasl_timeout: timeout (in seconds) for authentication

    • sasl_fail: action to perform if authentication fails

    • sasl_username: username (nick)

    • sasl_password: password

    • sasl_key: file with ECC private key (for mechanism ecdsa-nist256p-challenge)

    SASL ECDSA-NIST256P-CHALLENGE

    You must generate a private key in order to authentify with the ECDSA-NIST256P-CHALLENGE mechanism (no password is required on connection).

    You can generate the key with this command:

    $ openssl ecparam -genkey -name prime256v1 >~/.weechat/ecdsa.pem

    Get the public key (encoded as base64) with this command:

    $ openssl ec -noout -text -conv_form compressed -in ~/.weechat/ecdsa.pem | grep '^pub:' -A 3 | tail -n 3 | tr -d ' 
    :' | xxd -r -p | base64

    Connect to the server, identify (for example with "nickserv identify") and set your public key in your account, using nickserv (replace the base64 value with your public key):

    /connect freenode
    /msg nickserv identify your_password
    /msg nickserv set pubkey Av8k1FOGetUDq7sPMBfufSIZ5c2I/QYWgiwHtNXkVe/q

    Configure the SASL options in the server:

    /set irc.server.freenode.sasl_mechanism ecdsa-nist256p-challenge
    /set irc.server.freenode.sasl_username "your_nickname"
    /set irc.server.freenode.sasl_key "%h/ecdsa.pem"

    Reconnect to the server:

    /reconnect freenode
  • 相关阅读:
    【转】浏览器的渲染:过程与原理
    DOMContentLoaded、ready、load事件的区别
    ES6中export default 与export区别
    require一个node模块什么时候需要加上.default
    【转】函数防抖与函数节流
    【转】JavaScript函数柯里化的一些思考
    【原】javascript笔记之splice和slice这两兄弟为毛这么难记
    【转】JS 的 new 到底是干什么的?
    【原】移动端vue页面点透事件
    【转】用 async/await 来处理异步
  • 原文地址:https://www.cnblogs.com/chjbbs/p/7290673.html
Copyright © 2011-2022 走看看