DaemonForums  

Go Back   DaemonForums > OpenBSD > OpenBSD General

OpenBSD General Other questions regarding OpenBSD which do not fit in any of the categories below.

Reply
 
Thread Tools Display Modes
  #1   (View Single Post)  
Old 21st May 2011
fender0107401's Avatar
fender0107401 fender0107401 is offline
Real Name: Li.
Port Guard
 
Join Date: May 2010
Location: China, Tian Jin.
Posts: 24
Default How to use irssi to connect freenode?

Hi all,

Who know how to set irssi to connect freenode?

I use the following setting in FreeBSD.

Code:
servers = (
  {
    address = "chat.freenode.net";
    chatnet = "freenode";
    port = "7000";
    use_ssl = "yes";
    ssl_verify = "yes";
    ssl_cafile = "/usr/local/share/certs/ca-root-nss.crt";
    autoconnect = "yes";
  }
);
However, it doesn't work in OpenBSD.

The problem is that I can't find "/usr/local/share/certs/ca-root-nss.crt" in OpenBSD.

So, I think I have to install "ca-root-nss.crt" properly, but how?

Last edited by fender0107401; 21st May 2011 at 02:11 PM.
Reply With Quote
  #2   (View Single Post)  
Old 21st May 2011
graudeejs's Avatar
graudeejs graudeejs is offline
Real Name: Aldis Berjoza
ISO Quartermaster
 
Join Date: Jul 2008
Location: Riga, Latvia
Posts: 589
Default

FreeNode doesn't suport SSL afaik, and port is wrong.

Code:
  {
    chatnet = "FreeNode";
    address = "chat.eu.freenode.net";
    port = "6667";
  }
Reply With Quote
  #3   (View Single Post)  
Old 21st May 2011
BSDfan666 BSDfan666 is offline
Real Name: N/A, this is the interweb.
Banned
 
Join Date: Apr 2008
Location: Ontario, Canada
Posts: 2,223
Default

Totally wrong, Freenode recently transitioned to a new IRC daemon (..January) and with that they introduced SSL support, on port 7000/7070 and the more common 6697.

http://freenode.net/faq.shtml#sslaccess
http://blog.freenode.net/2010/01/fre...-live-freenode

As for the OP, verifying the SSL certificate is indeed a good step, but it's optional, you can obtain the certificate on their website or by retrieving it using openssl.. once you have it set ssl_capath directly to the file, storing it in ~/.irssi/certs is as good of place as any.
Reply With Quote
  #4   (View Single Post)  
Old 21st May 2011
fender0107401's Avatar
fender0107401 fender0107401 is offline
Real Name: Li.
Port Guard
 
Join Date: May 2010
Location: China, Tian Jin.
Posts: 24
Default

I got the corresponding server crt as follows:

Code:
$ cd .irssi/certs/                                                             
$ cat GandiStandardSSLCA.crt                                                   
-----BEGIN CERTIFICATE-----
MIIEozCCA4ugAwIBAgIQWrYdrB5NogYUx1U9Pamy3DANBgkqhkiG9w0BAQUFADCB
lzELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2Ug
Q2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQLExho
dHRwOi8vd3d3LnVzZXJ0cnVzdC5jb20xHzAdBgNVBAMTFlVUTi1VU0VSRmlyc3Qt
SGFyZHdhcmUwHhcNMDgxMDIzMDAwMDAwWhcNMjAwNTMwMTA0ODM4WjBBMQswCQYD
VQQGEwJGUjESMBAGA1UEChMJR0FOREkgU0FTMR4wHAYDVQQDExVHYW5kaSBTdGFu
ZGFyZCBTU0wgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2VD2l
2w0ieFBqWiOJP5eh1AcaqVgIm6AVwzK2t/HouaVvrTf2bnEbtHUtSF6fxhWqge/l
xIiVijpsd8y1zWXkZ+VzyVBSlMEnST6ga0EWQbaUmUGuPsviBkYJ6U2+yUxVqRh+
pt9u/UqyzGxO2chQFZOz8unjwmqtOtX7w3lQnyV5KbJHZHwgPuIITZMpFLY0bs9x
Rn52EPT9bKoB0sIG3pKDzFiQLpLeHmW3Yy89sutwjEzgvhWd3sFNVvgLxo4HuV3f
lfB7QB8aLNecK0t29Fn1Q8EsZhCenmaWYJ0cdBtOGFwIsG5symkaAum7ynjvZi7j
Mv1BXJV0gU302v5LAgMBAAGjggE+MIIBOjAfBgNVHSMEGDAWgBShcl8mGyiYQ5Vd
BzfVhZadS9LDRTAdBgNVHQ4EFgQUtqj/oqgv0KbNS7Fo8+dQEDGneSEwDgYDVR0P
AQH/BAQDAgEGMBIGA1UdEwEB/wQIMAYBAf8CAQAwGAYDVR0gBBEwDzANBgsrBgEE
AbIxAQICGjBEBgNVHR8EPTA7MDmgN6A1hjNodHRwOi8vY3JsLnVzZXJ0cnVzdC5j
b20vVVROLVVTRVJGaXJzdC1IYXJkd2FyZS5jcmwwdAYIKwYBBQUHAQEEaDBmMD0G
CCsGAQUFBzAChjFodHRwOi8vY3J0LnVzZXJ0cnVzdC5jb20vVVROQWRkVHJ1c3RT
ZXJ2ZXJfQ0EuY3J0MCUGCCsGAQUFBzABhhlodHRwOi8vb2NzcC51c2VydHJ1c3Qu
Y29tMA0GCSqGSIb3DQEBBQUAA4IBAQAZU78DPZvia1r9ukkfT+zhxoI5PNIDBA+r
ez6CqYUQH/TeMq9YP/9w8zAdly1MmuLsDD4ULS+YSJ2uFmqsLUKqtWSkcLvrc5R7
RkznehR2W0wdhKEgdB8uS1xwiNy99xk97VkN4j8m4pyspDyVHPi+jAOu8OWcTbzH
m1gAv6+t+jducW0YNA7B6mr4Dd9pVFYV8iiz/qRj7MUEZGC7/irw9IehsK69quQv
4wMLL2ZfhaQye0btJQzn8bfnGf1gul+Hd96YB5bkXupjfajeVdphXDyQg0MEBzzd
8/ifBlIK3se2e4/hEfcEejX/arxbx1BJCHBvlEPNnsdw8dvQbdqP
-----END CERTIFICATE-----
Now, I use the following setting (li is my login name):

Code:
servers = (
  {
    address = "chat.freenode.net";
    chatnet = "freenode";
    port = "7000";
    use_ssl = "yes";
    ssl_verify = "yes";
    ssl_cafile = "/home/li/.irssi/certs/GandiStandardSSLCA.crt";
    autoconnect = "yes";
  }
);
Unfortunately, I still can't access freenode with irssi in OpenBSD.

When connecting the server, irssi shows the following messages:

Code:
22:45:30 -!- Irssi: Looking up chat.freenode.net
22:45:31 -!- Irssi: Connecting to chat.freenode.net [213.161.196.11] port 7000
22:45:38 -!- Irssi: warning Could not verify SSL servers certificate: unable to get local issuer certificate
22:45:38 -!- Irssi: warning   Subject : /OU=Domain Control Validated/OU=Gandi Standard Wildcard SSL/CN=*.freenode.net
22:45:38 -!- Irssi: warning   Issuer  : /C=FR/O=GANDI SAS/CN=Gandi Standard SSL CA
22:45:38 -!- Irssi: warning   MD5 Fingerprint : 39:73:07:2F:64:23:ED:34:0F:5A:37:46:85:55:E9:BB
22:45:38 -!- Irssi: Connection lost to chat.freenode.net
Reply With Quote
  #5   (View Single Post)  
Old 21st May 2011
fender0107401's Avatar
fender0107401 fender0107401 is offline
Real Name: Li.
Port Guard
 
Join Date: May 2010
Location: China, Tian Jin.
Posts: 24
Default

I find xchat is more easy to use.

In xchat, I just "accept invalid certificate".
Reply With Quote
  #6   (View Single Post)  
Old 21st May 2011
graudeejs's Avatar
graudeejs graudeejs is offline
Real Name: Aldis Berjoza
ISO Quartermaster
 
Join Date: Jul 2008
Location: Riga, Latvia
Posts: 589
Default

Quote:
Originally Posted by fender0107401 View Post
I find xchat is more easy to use.

In xchat, I just "accept invalid certificate".
What's the point of using SSL then? (encryptin only? You need it?)
Reply With Quote
  #7   (View Single Post)  
Old 21st May 2011
fender0107401's Avatar
fender0107401 fender0107401 is offline
Real Name: Li.
Port Guard
 
Join Date: May 2010
Location: China, Tian Jin.
Posts: 24
Default

Quote:
Originally Posted by killasmurf86 View Post
What's the point of using SSL then? (encryptin only? You need it?)
If I disable it, I can't login.

Code:
Disconnected (Connection reset be peer).
Reply With Quote
  #8   (View Single Post)  
Old 21st May 2011
BSDfan666 BSDfan666 is offline
Real Name: N/A, this is the interweb.
Banned
 
Join Date: Apr 2008
Location: Ontario, Canada
Posts: 2,223
Default

If you don't use SSL, then connect to irc.freenode.net on port 6667.. why are you using chat.freenode.net anyway?
Reply With Quote
  #9   (View Single Post)  
Old 21st May 2011
qmemo's Avatar
qmemo qmemo is offline
Real Name: He
Package Pilot
 
Join Date: Jul 2008
Location: The big B
Posts: 141
Default

how about this

I use this script and on x-chat I use this

http://www.andrews-corner.org/irssi.html
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
connect to OpenBSD BOX with VNC mfaridi OpenBSD General 9 14th April 2010 08:38 PM
systrace policy for irssi DraconianTimes OpenBSD Security 2 24th January 2010 11:30 PM
How understand someone connect to my BOX with VNC mfaridi OpenBSD Security 8 21st November 2008 12:24 AM
Error while trying to icompile irssi from source FloridaBSD Solaris 7 27th May 2008 11:08 AM


All times are GMT. The time now is 02:00 AM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick