Using SSL
m |
|||
| Line 3: | Line 3: | ||
The information given here will hopefully assist you in connecting to DareNET using an encrypted connection. This is a work in progress and will become more complete in the near future so please check back often. | The information given here will hopefully assist you in connecting to DareNET using an encrypted connection. This is a work in progress and will become more complete in the near future so please check back often. | ||
| - | + | All DareNET client servers utilize SSL for encryption. Those servers supporting such listen on port 6697 and/or 9999 for incoming SSL connections. There are several methods you can utilize to connect using SSL. The method chosen depends entirely on the client and any additional tunnel software, if needed. Currently, the following clients offer native or builtin SSL support for connections: | |
* [http://www.bitchx.org/ BitchX] | * [http://www.bitchx.org/ BitchX] | ||
| Line 16: | Line 16: | ||
== Servers Supporting SSL == | == Servers Supporting SSL == | ||
| - | * | + | * irc.darenet.org |
== Using SSL with mIRC 6.14+ == | == Using SSL with mIRC 6.14+ == | ||
| Line 22: | Line 22: | ||
Since the majority of our users use mIRC, we'll explain how to connect to DareNET using it. We assume you're using version 6.14 or newer, which all have built-in support for connecting to ssl servers, using the [http://www.openssl.org/ OpenSSL] libraries. | Since the majority of our users use mIRC, we'll explain how to connect to DareNET using it. We assume you're using version 6.14 or newer, which all have built-in support for connecting to ssl servers, using the [http://www.openssl.org/ OpenSSL] libraries. | ||
| - | The OpenSSL libraries are not included with mIRC for licensing reasons, but you can download them pre-compiled for win32 (windows 9x, 2000, 2003, XP) from [http:// | + | The OpenSSL libraries are not included with mIRC for licensing reasons, but you can download them pre-compiled for win32 (windows 9x, 2000, 2003, XP) from [http://archives.darenet.org/archives.php?dir=misc/openssl-bin/&file=Win32OpenSSL_Light-0_9_8l.exe here]. After you download that file, extract the included libraries (libeay32.dll and ssleay32.dll) into your mIRC directory, or you can extract them to your windows/system directory if you prefer. |
| - | ''NOTE: The library files provided above were compiled from the OpenSSL 0.9. | + | ''NOTE: The library files provided above were compiled from the OpenSSL 0.9.8I sources. If you know how to and prefer to compile your own, you can do that as well.'' |
After you have placed libeay32.dll and ssleay32.dll in your mIRC directory, shutdown mIRC and restart it, then it should automatically find the library files and load them. To make sure your copy of mIRC will now work with ssl, you can check the '''$sslready''' variable (type '''''//echo $sslready''''' in your status window, and mIRC should return '''$true''' if the OpenSSL libraries are properly loaded). | After you have placed libeay32.dll and ssleay32.dll in your mIRC directory, shutdown mIRC and restart it, then it should automatically find the library files and load them. To make sure your copy of mIRC will now work with ssl, you can check the '''$sslready''' variable (type '''''//echo $sslready''''' in your status window, and mIRC should return '''$true''' if the OpenSSL libraries are properly loaded). | ||
| - | We use port 9999 for all incoming ssl connections to leafs, so to connect using ssl just use /server | + | We use port 6697 or 9999 for all incoming ssl connections to leafs, so to connect using ssl just use /server irc.darenet.org +6697 (the plus sign is required for ssl connections). For a list of available servers, please see the list above. |
An example: | An example: | ||
| - | <pre>/server | + | <pre>/server irc.darenet.org +6697</pre> |
After you have connected, you can verify that you are connected with ssl using the '''$ssl''' variable in mIRC (type '''''//echo $ssl''''' in your status window, and mIRC should return '''$true'''). Another way to see if you are connected with ssl is to /WHOIS yourself by typing /WHOIS YourNick, and in your WHOIS output you will see a line like this: | After you have connected, you can verify that you are connected with ssl using the '''$ssl''' variable in mIRC (type '''''//echo $ssl''''' in your status window, and mIRC should return '''$true'''). Another way to see if you are connected with ssl is to /WHOIS yourself by typing /WHOIS YourNick, and in your WHOIS output you will see a line like this: | ||
Revision as of 01:09, 31 December 2009
| Please remove this notice when the backlog is cleared. |
The information given here will hopefully assist you in connecting to DareNET using an encrypted connection. This is a work in progress and will become more complete in the near future so please check back often.
All DareNET client servers utilize SSL for encryption. Those servers supporting such listen on port 6697 and/or 9999 for incoming SSL connections. There are several methods you can utilize to connect using SSL. The method chosen depends entirely on the client and any additional tunnel software, if needed. Currently, the following clients offer native or builtin SSL support for connections:
For clients that do not have built-in SSL support such as mIRC versions priot to 6.14 you will need to use an SSL tunnel program. There are two popular SSL tunnels in use now for IRC clients. A unix/linux/windows version that can be used is stunnel and a windows only version is winsslwrap or StunTour. SSL connections are established by connecting through a tunnel. The tunnel opens an SSL connection to an SSL enabled server, and then opens a local connection on your computer. The local connection is usually opened on port 6667, the default IRC port, or can be customised by the user. The client then only needs to connect to localhost (127.0.0.1), or basically to the local computer on the port that the SSL tunnel is listening on. An example command one might use in mIRC with an SSL tunnel program would be: /server localhost . If a port is not specified, the client will usually use the default port, 6667.
In This Guide: |
Servers Supporting SSL
- irc.darenet.org
Using SSL with mIRC 6.14+
Since the majority of our users use mIRC, we'll explain how to connect to DareNET using it. We assume you're using version 6.14 or newer, which all have built-in support for connecting to ssl servers, using the OpenSSL libraries.
The OpenSSL libraries are not included with mIRC for licensing reasons, but you can download them pre-compiled for win32 (windows 9x, 2000, 2003, XP) from here. After you download that file, extract the included libraries (libeay32.dll and ssleay32.dll) into your mIRC directory, or you can extract them to your windows/system directory if you prefer.
NOTE: The library files provided above were compiled from the OpenSSL 0.9.8I sources. If you know how to and prefer to compile your own, you can do that as well.
After you have placed libeay32.dll and ssleay32.dll in your mIRC directory, shutdown mIRC and restart it, then it should automatically find the library files and load them. To make sure your copy of mIRC will now work with ssl, you can check the $sslready variable (type //echo $sslready in your status window, and mIRC should return $true if the OpenSSL libraries are properly loaded).
We use port 6697 or 9999 for all incoming ssl connections to leafs, so to connect using ssl just use /server irc.darenet.org +6697 (the plus sign is required for ssl connections). For a list of available servers, please see the list above.
An example:
/server irc.darenet.org +6697
After you have connected, you can verify that you are connected with ssl using the $ssl variable in mIRC (type //echo $ssl in your status window, and mIRC should return $true). Another way to see if you are connected with ssl is to /WHOIS yourself by typing /WHOIS YourNick, and in your WHOIS output you will see a line like this:
YourNick is using a secure connection (SSL)
If you are using an mIRC version older than 6.14, then the above instructions do not apply to you. You should upgrade to the latest mIRC version. If for some reason you want to keep your current version of mIRC, then you will have to use an ssl tunnel, like StunTour.
SSL-only channels
DareNET's servers support channel mode +S, which means only users connected using SSL will be allowed to join the channel. This is useful for those who want to ensure that their communications on the channel are entirely secure.
Why the need for secure connections?
DareNET/IRC is used by many organizations that need to communicate over secure connections, everything from corporate to governmental. Various educational organizations that provide online teaching also require communications to be secure for privacy purposes. Apart from that, many individuals around the world also depend on secure communications, whether for political, business, or other reasons. At the end of the day, it really depends on your own personal needs. If it's not something that you think you need, then you probably don't!
