Difference between revisions of "Module:SASL"
m (Protected "Module:SASL": Core Page/Module ([Edit=Allow only administrators] (indefinite) [Move=Allow only administrators] (indefinite)))
m (Removed protection from "Module:SASL": Protection is not necessary here)
Latest revision as of 18:33, 11 January 2021
This module allows you to authenticate to an IRC network via SASL. This is the preffered method over using nickserv or perform as you are able to authenticate to services before you are visible on the IRC server.
This module also supports the EXTERNAL SASL mechanism if you set up a certificate with the cert module. Once cert is properly enabled and setup, you can set the SASL module to use the EXTERNAL mechanism.
This module takes no arguments
This module works without any form of user interaction when loaded. When your primary nickname isn't available on the network, the module should try to get it for you. It is possible to enable/disable keepnick and check whether the module is trying to regain your primary nickname using commands.
/msg *sasl mechanism [external/plain]
Sets the mechanism to external or plain. External requires a cert to be configured on the cert module and Plain will use plain text negotiation
/msg *sasl requireauth
Require SASL authentication to be successful when connecting to the network, otherwise disconnect
/msg *sasl set [username] [password]
Set the username and password for the nickserv account you wish to identify to.
/msg *sasl help <?search>
Shows the list of available commands for this module with the ability to optionally search for word/phrase in help output.
If you don't use SSL (i.e you are connecting to an IRCserver where the port is not prefixed with a '+'), the password is transmitted to the IRC server in plain text. It is therefore recommended that you check you are connecting to an SSL server and port and ask us to change this should you wish to use the plain mechanism.
Many networks support authenticating SASL. You can easily check whether a network has a SASL service by using
/whois SASLServ (assuming the network hasn't renamed it)