Hi,

I´m looking to set up a local IRC server on the latest Debian for me and some friends. I´d like to somehow restrict access to this server to only local *nix accounts.

I don´t want to make the server only accessible to users who are logged in over SSH. I also want to be able to use clients on our phones etc. I also don´t trust my friends completely, I don´t want them to be able to impersonate each other.

So, what I´m looking for is some basic auth on my IRC server, preferably something that hooks into the standard *nix accounts (via PAM?). I´ve searched around a bit, and the only things I came up with:

  • Make the server localhost only => then I won´t be able to use phone apps anymore.

  • Server password => this doesn´t solve the auth issue, my friends will still be able to impersonate each other.

  • Make the server localhost only and then let users connect via ZNC, which hooks into Cyrus SASL => this was a huge pain in the ass to set up, and still doesn´t work.

  • Do this via services somehow?

What would be the “correct” way to implement this?

  • spauldo@lemmy.mlEnglish
    1·
    1 year ago

    Some of these issues are ones that were experienced and solved by the big IRC networks. They used different methods - nick registration and authentication via a bot, for instance.

    The source for many of those is available. Why not see how others solved the problems? A brief look at the Charybdis IRCd source (at least the Freenode version) shows capabilities for limiting channel creation to authenticated users and what looks like built-in ChanServ and NickServ.

    In any event, you may be worrying over nothing. I ran a friends-only IRC server back in the day and didn’t have issues with impersonation. I rarely saw any unknown users and it was easy to detect them because they weren’t part of my circle of friends. We had a couple bots that logged the channel and provided various services - it wouldn’t be hard to have one enforce security.