freenode_certfp - shabble/irssi-docs GitHub Wiki
Steps to use CertFP on Irssi & Freenode
NOTE: This document requires that you already have an account with NickServ on Freenode, see https://freenode.net/kb/answer/registration
On your shell:
( Command taken from https://freenode.net/kb/answer/certfp )
openssl req -x509 -new -newkey rsa:4096 -sha256 -days 1000 -nodes -out freenode.pem -keyout freenode.pem
Then copy it somewhere, e.g. your Irssi folder:
cp -i freenode.pem ~/.irssi
In Irssi:
First, you have to log in with Username & Password, register them in Irssi:
/network modify -sasl_mechanism PLAIN -sasl_username YOURUSERNAME -sasl_password YOURPASSWORD Freenode
Next, you have to register the TLS Certificate Key you created above:
/server modify -tls_verify -tls_cert ~/.irssi/freenode.pem chat.freenode.net 6697
Now, connect to Freenode ( with User & Pass )
/connect Freenode
After you are connected, register your Certificate Key with NickServ:
/msg NickServ CERT ADD
It will respond to you, if you did everything right:
-NickServ(NickServ@services.)- Added fingerprint XXXXXX to your fingerprint list.
Change the login from Password to Certificate Key:
Disconnect:
/disconnect
Clear the password and change to SASL EXTERNAL:
/network modify -sasl_password '' -sasl_mechanism EXTERNAL Freenode
Test it:
/connect Freenode
You can verify if you are logged in with Certificate Key by doing:
/whois YOURNICK
It will output:
-!- : has client certificate fingerprint xxxxxxx
Make sure to
/save