13

I am trying to setup an IRC server on my machine for a bunch of friends and me to use. This is an ubuntu box and I have installed dancer-ircd and dancer-services and gotten everything up and running according to the Ubuntu Docs. I would like to now lock down the server so that users need a "global" password to connect. Alternatively, every user can have their own username/password as long as I have the ability to pre-approve who is registering a nick on the server.

Ron Gejman
  • 309
  • 1
  • 4
  • 11

4 Answers4

5

I had some IRC servers way back when. If I remember correctly, you set the connection password in the third field of the I: lines in ircd.conf.

The clients connect with something like /server yourserver.com:port password, and I believe most clients will ask for the password if you fail to provide one in the connect string.

There are a number of other options if you want to further restrict the connections.

I:address mask:password:domain mask::connection class

The connection class is defined with an Y: line. There's probably one in the default configuration that you can reference. Looking through the example ircd.conf is probably a good idea, most configuration options are explained there.

Roy
  • 4,256
  • 4
  • 35
  • 50
  • Is the connection password generally passed in the clear or hashed? – Max A. Nov 30 '09 at 17:38
  • I think there's was a compile time option in the original ircd to control that, but I suppose it all depends what flavour you are running. The man page or ircd.conf of the one you install will likely have some info on this. – Roy Nov 30 '09 at 17:41
  • 1
    Looks like dancer ircd uses an MD5 hash: makepasswd --crypt-md5 --clearfrom password – Roy Nov 30 '09 at 17:44
1

Have you considered running an IRC bot such as Eggdrop on a +i channel on a public network? This has the following benefits:

  • Bot can be scripted to hand out invites to preconfigured people with preconfigured passwords.
  • There is a myriad of Eggdrop TCL scripts out there, including logging.
  • Running a single Eggdrop instance is a lot cheaper (in terms of computing resources) than a whole IRCd.

Obviously, there are disadvantages:

  • Eggdrop scripts are written in TCL. This can be viewed as a benefit, depending on how good your TCL-fu is and what your opinion is of the language in general.
  • You depend on the larger public network's infrastructure. While this is beneficial because all the good stuff has been done for you, events such as net splits or server revolts/expulsions can affect your private channel. This doesn't happen as often on larger, stable, and established networks such as Undernet or Freenode.

One more point to consider is that IRC is not a secure protocol. Some server software supports SSL connections, though I've never encountered such servers in practice. YMMV.

SILC is another alternative, although the PK cryptography minutia can be too much for some users.

Max A.
  • 143
  • 1
  • 8
  • 1
    While there is only one SSL server on EFnet, there are a number on Undernet and Freenode. Communication between IRC servers has also been moved to SSL for most networks. On the other hand, SSL is not as secure as we used to think, as a man in the middle attack was recently discovered. – Roy Nov 30 '09 at 17:47
  • 1
    +1 for suggesting a public network, +1 for suggesting silc, -1 for suggesting an IRC bot has to be written in TCL. – WheresAlice Jul 05 '10 at 19:24
0

I found this several years after the fact, but I'd like to add that the way I do this is to set up a IRCd to listen on localhost only, and set up ZNC.

ZNC has user accounts and uses either the server password or a USER that contains both.

I'm using this approach for TRC, example: https://irc.teamrelaychat.nl/ (use demo2/demo2)

Pepijn
  • 133
  • 6
0

There might be a way to limit connections only to certain IP addresses, but it seems like you're seriously overcomplicating yourself, as I've never seen a server that requires a password to connect.

You should just get a channel on a public network and password protect it, or better yet use some chat tool like Yahoo Messenger, which features conference mode, where you can invite more people into the same discussion.

gekkz
  • 4,219
  • 2
  • 20
  • 19
  • Ah, interesting. Do you know if there is a "global server password" option available on IRC servers that is not widely used, or if it is a non-existant feature? We want to use IRC so that we can log everything that is said, even when not everyone is there (that's the main reason we want to set it up). On-the-fly chatrooms don't work as well for that. – Ron Gejman Nov 30 '09 at 16:46
  • Jabber could handle that, either by inviting a bot to all your chats or by using your own Jabber server (Openfire is quite nice). An IRC bot on a public network would also handle it quite nicely, and it doesn't have to be written in tcl you can use any language you like. – WheresAlice Jul 05 '10 at 19:23
  • There is a global server password, even if I'm two years late :) – tekknolagi Aug 13 '11 at 05:51