HOWTO: Configure Tor + SASL + irc to connect to Freenode
Tags: freenode, identd, irc, linux, nickname, Perl, Python, Tcl, VMware, xchatI fought this problem on the train into the city today, because my MiFi‘s hostname was not correctly reversing to it’s given IP (verified by dig) and Freenode was denying the connection; it looked like this:
Mar 22 06:51:41 * Looking up irc.freenode.net Mar 22 06:51:41 * Connecting to chat.freenode.net (86.65.39.15) port 6667... Mar 22 06:51:42 * Connected. Now logging in... Mar 22 06:51:42 * *** Looking up your hostname... Mar 22 06:51:42 * *** Checking Ident Mar 22 06:51:42 * *** Your forward and reverse DNS do not match, ignoring hostname Mar 22 06:51:55 * *** No Ident response Mar 22 06:51:55 * *** Notice -- You need to identify via SASL to use this server Mar 22 06:51:55 * Closing Link: 166.199.4.113 (SASL access only) Mar 22 06:51:55 * Disconnected (Remote host closed socket). Mar 22 06:52:05 Cycling to next server in Freenode... Mar 22 06:52:05 * Disconnected ().
I wanted to connect, to talk to the folks in #linux, and ask them about another question I had (see newer blog post about fullscreen VMware session for that). This was yet another example of the kind of Yak Shaving I deal with on a daily basis.
At first, I tried installing a few identd daemons, then some of the spoofing identd daemons, then purged them all and decided to try identifying using SASL like it suggested.
I did a few seconds of Google’ing and found a helpful website with a SASL plugin in C. I compiled that, installed it into /usr/lib/xchat/plugins, restarted XChat, and attempted to authenticate and identify using this plugin and the instructions.
If the site goes down, I have local copies of the files you need, just email me.
You’ll need to create a file called cap_sasl.conf and put it in ~/.xchat2/, which includes the following syntax:
/sasl [nickname] [password] FreeNode
So if your nickname (username on Freenode) was ‘foobar‘ and your password was “MyS3cretPas5word“, you’d put the following in that file:
/sasl foobar MyS3cretPas5word FreeNode
If you compiled this correctly and put it in the right place, you can also just issue a simple /help sasl command to get the syntax:
Usage: SASL <login> <password> <network>, enable SASL authentication for given network
When you load up XChat, you should see something like this in the main window (if the plugin works):
Python interface loaded Display amarok loaded, type "/disrok help" for a command list Perl interface loaded Tcl plugin for XChat - Version 1.63 Copyright 2002-2005 Daniel P. Stasinski http://www.scriptkitties.com/tclplugin/ Tcl interface loaded Loading cap_sasl.conf Enabled SASL authentication for FreeNode cap_sasl plugin 0.0.4 loaded
The last two lines are what you’re looking for. Now typing “/sasl” will show you the following:
foobar:MyS3cretPas5word at FreeNode
This too, failed to authenticate me and validate my (incorrect) reverse DNS problem. What I saw was this:
Mar 22 20:24:02 * Looking up irc.freenode.net Mar 22 20:24:05 * Connecting to chat.freenode.net (140.211.167.98) port 6667... Mar 22 20:24:05 * Connected. Now logging in... Mar 22 20:24:05 * *** Looking up your hostname... Mar 22 20:24:05 * *** Checking Ident Mar 22 20:24:06 * *** Couldn't look up your hostname Mar 22 20:24:19 * *** No Ident response Mar 22 20:24:52 * Closing Link: 32.138.186.102 (Connection timed out) Mar 22 20:24:52 * Disconnected (Remote host closed socket). Mar 22 20:25:02 Cycling to next server in Freenode...
I decided to investigate a different solution: Tor!
Read the rest of this entry »