I don't understand half English words I type...
--- Ognjen Milan Robovic
IRC is for the mentally mental and the very well. It serves as a great retard filter, supposedly.
IRC.Xolatile.Top <- Secure Connections Only | Port 6697 | Use TLS 1.2+
You need a client that can connect with SASL (Weechat, irssi, etc.) and must fully set it up BEFORE reconnecting.
You'll have exclusive control over your nick and will have enabled a server-side bouncer.
First you have to register... Use KeePassXC to keep your passwords.
/nick your_nick_forever /msg nickserv registerRecommendation for server-side bouncer settings, bouncer will always print missed messages hereon:
/msg nickserv set AUTOREPLAY-MISSED on /msg nickserv set AUTOREPLAY-LINES 0
Simple plaintext password, the most widely supported and relatively easy to setup.
set sasl_mechanism = plain set sasl_username = nick set sasl_password =# same as registration
Certificate based authentication, more intensive setup. You're objectively cooler for using it.
The following commands are required, this generates a valid certificate and prints the fingerprint which you must copy to your IRC client.
$ openssl genpkey -algorithm ed25519 -out private.pem
$ openssl req -new -x509 -key private.pem -out cert.pem -days 365
# go through the prompt, just hit enter...
$ cat private.pem cert.pem > nick.pem
$ rm private.pem cert.pem
# then get your fingerprint, copy this into your clipboard...
$ openssl x509 -in nick.pem -outform DER | sha256sum -b | awk '{print $1}'
$ mv nick.pem ~/.cert/
Add that fingerprint like this:
/msg nickserv cert add FINGERPRINT
For weechat, you may configure it like this, and in general these are the details you must supply:
set sasl_mechanism = external # overrides sasl configuration and uses client-side tls cert set tls_cert = ~/.cert/nick.pem