CService: Difference between revisions

This is an external module. Please note that it may or may not work with the current release (1.9.1). This module is not included in the default ZNC installation, and you will need to manually compile it before you can load this module. Contact the author if you have any questions, but feel free to ask in #znc on Libera.Chat. Someone might be able to help you there.

The `CService` ZNC module provides secure login functionality for X on UnderNet, including support for 2FA/TOTP authentication and LoC (Login on Connect). It allows users to configure login details, enable/disable 2FA, and specify user modes. Sensitive data, such as passwords and 2FA secrets, are encrypted using AES-256 encryption for enhanced security.

Getting the Code

The code for this module can be found here.

Compatibility

This module was compiled and tested with ZNC 1.10.

Features

• Secure Login: Authenticate with UnderNet using your username, password, and optional 2FA/TOTP.
• 2FA/TOTP Support: Enhance security by adding time-based one-time passwords.
• LoC (Login on Connect): Log in to UnderNet automatically using the LoC feature.
• Custom User Modes: Set user mode prefixes (-x!, +x!, or -!+x) during server connection.
• Encrypted Credentials: Passwords and 2FA secrets are stored securely using AES-256 encryption.

Usage

Arguments

This user module takes none arguments. No additional arguments are required to load the module. Use commands to configure settings.

Read loading modules to learn more about loading modules.

Commands

setusername

Sets the UnderNet username:

/msg *cservice setusername your_username

unsetusername

Removes the stored UnderNet username:

/msg *cservice unsetusername

setpassword

Sets the UnderNet password. The password is stored securely using AES-256 encryption:

/msg *cservice setpassword your_password

unsetpassword

Removes the stored UnderNet password:

/msg *cservice unsetpassword

setsecret

Sets the 2FA/TOTP secret key. The secret is stored securely using AES-256 encryption:

/msg *cservice setsecret your_2fa_secret

enable2fa

Enables 2FA/TOTP for secure logins:

/msg *cservice enable2fa

disable2fa

Disables 2FA/TOTP:

/msg *cservice disable2fa

setusermode

Sets the user mode prefix for the server connection. Valid options are -x!, +x!, -!+x, or an empty string:

/msg *cservice setusermode +x!

showconfig

Displays the current configuration settings:

/msg *cservice showconfig

Example Usage

1. Set your username:

  /msg *cservice setusername MyUser

2. Set your password:

  /msg *cservice setpassword MyPassword

3. Set your TOTP secret:

  /msg *cservice setsecret ABCDEFGHIJKLMNOPQRSTUV

4. Enable 2FA:

  /msg *cservice enable2fa

5. View your current configuration:

  /msg *cservice showconfig

Formatting the 2FA Secret Key

The CService website provides the 2FA secret key in eight groups separated by spaces, like this: ``` a1b2 c3d4 e5f6 g7h8 i9j0 k1l2 m3n4 o5p6 ``` Before entering the key into the module, you must: 1. Remove all spaces. 2. Convert all lowercase letters to uppercase.

For example, if CService gives you `a1b2 c3d4 e5f6 g7h8 i9j0 k1l2 m3n4 o5p6`, you should enter it as: ``` A1B2C3D4E5F6G7H8I9J0K1L2M3N4O5P6 ``` This ensures compatibility with the module.

You can use the following Linux command to reformat the key automatically: ```bash echo "a1b2 c3d4 e5f6 g7h8 i9j0 k1l2 m3n4 o5p6" | tr -d ' ' | tr '[:lower:]' '[:upper:]' ```

Notes

• Always generate a secure encryption key (`MASTER_KEY`) before compiling the module. Use the following OpenSSL command:

  openssl rand -hex 32  
 Replace `MASTER_KEY` in the source code with the generated key.

• The `MASTER_KEY` must be kept safe. If lost, the encrypted password and 2FA secret key will no longer work and you'll have to reconfigure it.

• For changes to take effect, reload the module:

  /znc unloadmod cservice  
  /znc loadmod cservice

See Also

For more information on UnderNet's Login on Connect (LoC) feature, visit UnderNet LoC.

Enjoy secure and seamless logins with the `CService` ZNC module!