October 22, 2014, Wednesday, 16:21:58

IRC/HOWTO:Connect using SSL

From Omerta Wiki

Jump to: navigation, search

Contents

What is SSL?

SSL, or Secure Sockets Layer, is a commonly-used protocol for managing secure transmission on the internet and local networks to prevent eavesdropping, tampering, and message forgery. It encrypts the data right before it's transmitted over the network and decrypts it on the other side right after receiving. SSL is included in most webbrowsers and webproducts but can also be used for other stuff, like IRC, email, IM, VoIP, etc. It has been the standard for secure internet transmissions for years until it recently evolved into TLS (Transport Layer Security).

Why would I need a secure connection?

SSL is used by many organizations, from corporate to governmental, that need to communicate over secure connections. Various educational organizations that provide online teaching also require communications that are secure for privacy reasons. Apart from that, many individuals around the world also depend on secure communications, whether for personal, political, business, or other reasons. Whether you need to use secure communications depends on your own personal circumstances. If it's not something that you think you need then you probably don't.

How do I see if I'm using an SSL-connection?

When connecting to our server you will not notice any difference from connecting to a normal server. A confirmation page will be opened. Accept it. You may see a notice such as:

 -irc.barafranca.com-  *** You are connected using SSL cipher "DHE-RSA-AES-256-CBC-SHA1"

And if you perform a /whois on yourself you should see a note indicating that you are using a secure connection.

TheCainer is TheCainer@feds.barafranca.com * TheCainer
TheCainer using irc.barafranca.com Omerta Game LTD Main IRC server
TheCainer is logged in as TheCainer
TheCainer is using a secure connection
TheCainer has been idle 12mins 34secs, signed on Mon Jul 26 23:41:52
TheCainer End of /WHOIS list.

Using SSL

The procedure to connect through SSL can differ from IRC Client to IRC Client. Some even need additional libraries installed.

The command to connect through SSL is however mostly the same:

 /server irc.barafranca.com +6679

The first time you connect, you will also have to accept the SSL-certificate.

Using SSL with mIRC

The latest versions of mIRC all support secure server connections via SSL using the OpenSSL library. To use the OpenSSL library with mIRC you will need to download the library and place it in the mIRC folder or in the Windows System folder. You can then run mIRC and the OpenSSL library will be used automatically.

Where can I download the OpenSSL library?

An installer for OpenSSL 0.9.8o can be found here: openssl-0.9.8o-setup.exe. This version of the OpenSSL library was created using a default compilation of the OpenSSL source files from the OpenSSL website and as such may or may not be suitable for your particular needs. If you have the technical skills to compile your own, please feel free to do so.

Where do I install OpenSSL?

You will need to place the files either in the mIRC folder (typically C:\Program Files\mIRC) or in the Windows System folder (typically C:\Windows\System32).

What do I do next?

You can now run mIRC as usual and it should find and use the OpenSSL library automatically. To confirm whether mIRC has loaded the OpenSSL library, you can open the Options dialog and look in the Connect/Options section to see if the "SSL" button is enabled. You can also check the $sslready identifier to determine whether mIRC has loaded the OpenSSL library successfully. To initiate a secure connection to the Omerta IRC server, you can use the /server -e-command, or prefix the port number with a plus sign:

 /server -e irc.barafranca.com 6679
 /server irc.barafranca.com +6679

Using SSL with Chatzilla

Chatzilla does not require any additional libraries to be installed. It's has however a slightly different command to connect:

 /sslserver irc.barafranca.com 6679

The first time you will have to add an exception for the SSL certificate.

Using SSL with KVIrc

KVIrc does not require any additional libraries to be installed. It's has however a slightly different command to connect:

 /server -s irc.barafranca.com 6679

Using SSL with Mibbit

The widget automatically connects using SSL.
You can also use the Full Client to connect through SSL to our netwerk. Before connecting, press Server next to the server dropdown-list. This will make an additional text-box appear where you can enter a server. Fill in the following there to use SSL on our network:

 irc.barafranca.com:+6679

Important issues to note

Information you exchange with an IRC server over a secure connection cannot be viewed or modified by others. However, if you want to be sure that your communication is secure, you and the person whom you want to talk to, need to be both using an SSL connection. If talking on a channel, be aware that everyone on the channel must be on a secure connection. If one person on the channel is not on a secure connection, your communications on that channel will not be secure.

See Also

Resources