To create new wiki account, please join us on #znc at Libera.Chat and ask admins to create a wiki account for you. You can say thanks to spambots for this inconvenience.
Sasl
This module is a part of ZNC. This module is shipped with ZNC by default. If you have the right "LoadMod" you can activate it with /znc LoadMod sasl The code for this module can be found here. |
The SASL module allows you to authenticate to an IRC network via [1].
This module can be used with the cert module to support the EXTERNAL SASL mechanism. You can do this by setting up a certificate with cert and then setting the module to use the EXTERNAL mechanism. `/msg *sasl mechanism external`.
Commands
< *sasl> +=============+===================+===================================================+ < *sasl> | Command | Arguments | Description | < *sasl> +=============+===================+===================================================+ < *sasl> | Help | search | Generate this output | < *sasl> +-------------+-------------------+---------------------------------------------------+ < *sasl> | Mechanism | [mechanism[ ...]] | Set the mechanisms to be attempted (in order) | < *sasl> +-------------+-------------------+---------------------------------------------------+ < *sasl> | RequireAuth | [yes|no] | Don't connect if SASL cannot be authenticated | < *sasl> +-------------+-------------------+---------------------------------------------------+ < *sasl> | Set | username password | Set username and password for the PLAIN mechanism | < *sasl> +=============+===================+===================================================+ < *sasl> The following mechanisms are available: < *sasl> +===========+==============================================================================+ < *sasl> | Mechanism | Description | < *sasl> +===========+==============================================================================+ < *sasl> | EXTERNAL | TLS certificate, for use with the *cert module | < *sasl> +-----------+------------------------------------------------------------------------------+ < *sasl> | PLAIN | Plain text negotiation, this should work always if the network supports SASL | < *sasl> +===========+==============================================================================+
Example
Basic configuration of the *sasl module. Note that SASL won't be used until you reconnect to the server.
/query *status <you> loadmod sasl <*status> Loaded module [sasl] [/home/znc/.local/lib/znc/sasl.so] /query *sasl <you> mechanism plain <*sasl> Current mechanisms set: PLAIN <you> set MyUsername pa$$w0rd <*sasl> Username has been set to [MyUsername] <*sasl> Password has been set to [pa$$w0rd]
Note: The password is saved unencrypted, so don't make your ZNC data directory readable to other users! Note: The password is transmitted to IRC server in plain text if you don't use SSL.
Nowadays most of networks support either SASL PLAIN or EXTERNAL. DH-BLOWFISH and DH-AES support were removed due to people believing them to be more secure than SASL PLAIN + SSL which is not the case.
Many networks support SASL including:
- Athemenet
- ChatSpike
- EsperNet
- Freenode
- PirateIRC
- Snoonet