On Jan 30, 2010 the Freenode IRC network finally activated SSL support. This is something that many have long been waiting for, and I’m glad to finally see it! I have been an IRC user for some years now, the majority of which has been specific to the Freenode network. Historically all data passed to the Freenode network, including username, password and chat messages have been done in the clear. This no longer has to be the case as SSL client support is now available.
With internet technology, and the rise of cloud computing, SSL is becoming more important than ever. Corporations usually have it as a standard to secure their networks with VPN, with solutions seen in ATT virtual private nets. VPN and use of Proxies can enhance online security and is also available for consumer use.
In this article I will outline how to configure your IRC client to connect to the Freenode IRC network using SSL client encryption. This article includes instructions for Irssi, Empathy and Pidgin.
Access Freenode via SSL – Irssi
This section outlines how to configure irssi, the command-line IRC client, to connect to freenode via SSL secure connection.
First, you’ll need to ensure you have an updated list of CA root certificates. This can be done by verifying you have the following package installed:
sudo aptitude install ca-certificates
It is likely that this is already installed, but it won’t cause any problems to attempt installation just to make sure.
Once you’ve verified that you have the latest CA root certificates you can connect to Freenode via SSL using the following command:
/connect -ssl_verify -ssl_capath /etc/ssl/certs chat.freenode.net 7000
If you’d like to automatically connect to freenode each time you launch irssi, use the following:
/network add -nick <nick> -realname <realname> freenode
/server add -auto -ssl_verify -ssl_capath /etc/ssl/certs -network freenode chat.freenode.net 7000
/save
Access Freenode via SSL – Empathy (IDLE)
This section outlines how to configure Empathy, the default messaging client in Ubuntu 9.10+, to connect to freenode via SSL secure connection.
You’ll need to verify that you have an updated list of CA root certificates. This can be done by verifying you have the following package installed:
sudo aptitude install ca-certificates
Once you’ve verified that you have the latest CA root certificates, you’ll also need to verify your Empathy configuration. Below is a screenshot for the FreeNode configuration in Empathy. Ensure yours matches the port and SSL activation.
Empathy FreeNode configuration
Access Freenode via SSL – Pidgin
This section outlines how to configure Pidgin, the default messaging client in older Ubuntu releases, to connect to freenode via SSL secure connection.
You’ll need to verify that you have an updated list of CA root certificates. This can be done by verifying you have the following package installed:
sudo aptitude install ca-certificates
Once you’ve verified that you have the latest CA root certificates you’ll also need to verify your Pidgin configuration. Below is a screenshot for the IRC configuration in Pidgin. Ensure yours matches by modifying your account.
On the “Basic” tab, the default Server: entry will likely be “irc.ubuntu.com”. Unless you change this to “chat.freenode.net”, you’ll get a warning about not being able to verify the certificate.
Pidgin Basic Configuration
Next, navigate to the Advanced tab. On this tab you’ll need to change the Port: to 7000 and activate the checkbox for “Use SSL”. When you are finished, save your changes
Pidgin Advanced Configuration
Conclusion
Encrypted connections via SSL are important for network security, particularly in the situation where usernames and passwords are being transfered. As end-users we should be aware of improved security options available to us, such as encrypted network connections. If you are an IRC user and haven’t yet made the switch to SSL enabled connections, I’d invite you to take a minute and do so now.
Update: if you’re concerned about securing Internet services you’ll want to check out my latest security project: BastilleBSD.
Hey, this was a great tutorial that I’ve used a few times. I just noticed no one left a comment, so thanks!
Only useful think from this post is the port of TLS in freenode servers: 7000. I couldn’t found it.
Rest is pretty obious EXCEPT for the typical Ubuntu user, so you have to tell them…
Niessuh, people who try to act superior to a group that aren’t present to defend themselves are almost *always* retards.
Look around. You are the smartest guy on an empty comment thread. Now go to the Ubuntu forums and you instantly become the dumbest. That’s not speculation – it’s fact – DUMBASS.
Great post. Been looking for a concise tutorial on how to connect via ssl in irssi. Thanks so much!
I just stumbled on Freenode IRC Network at the Open Movie Editor website and did a search on how to use Freenode. This tutorial is a little advanced for me since I am just starting. Yes I am now a Ubuntu convert. I want to contact the openmovieeditor channel and see if I can contribute in some way. Need to do more research about freenode. Thanks for the tutorial. I’m sure it’ll click what you’re suggesting and will be thankful that I bookmarked this page.
I am running Ubuntu Nebook Remix 10.04 and trying to connect to IRC via Empathy. My Nick is “B9” which has a password which I have added and it says connected. But I cannot get a list of rooms and the rooms drop down is not enabled. I would appreciate some assistance when you have time.