- Ec2 instance = Amazon ec2, t2.micro, Linux (Ubuntu 14.x+)
- Znc (version: 1.7.0+)
- OpenSSL
- IRC Client = Hexchat (version: 2.10.1+)
-
Setup an ec2 instance: t2.micro
-
In corresponding security group, add an inboun rule:
- Custom TCP | TCP | port: 6697 | source: "anywhere" | description: "For Znc"
-
Login (SSH) to instance.
- In ubuntu above 14.x make sure you have installed.
- build-essential
- libssl-dev
- libperl-dev
- pkg-config
- libicu-dev
$ sudo apt-get install build-essential libssl-dev libperl-dev pkg-config libicu-dev
- In ubuntu above 14.x make sure you have installed.
-
Install latest znc (1.7.0+). See How to install
-
Run command
$ znc --makeconf
-
Launch znc
-
Open webadmin: https://<server_ip>:
-
Login to znc
-
Go to:
Your network
--> Editfreenode
--> tick marksasl
& tick markcert
Here,
freenode
can be replaced with network you have set while running makeconf -
Now 2 more options would be available:
sasl
andcertificate
in webadmin. -
Goto
sasl
--> now don't giveusername
andpassword
[otherwise it would be sasl plane] --> tick markrequire authentication
and check the order of sasl. It should be: First external then Second plain. -
Generate a new SSL certificate in server with command:
$ openssl req -x509 -new -newkey rsa:4096 -sha256 -days 1000 -nodes -out user.pem -keyout user.pem
-
Move this
user.pem
at~/.znc/users/<user>/networks/<network>/moddata/cert/
-
Copy the fingerprint of
user.pem
. Fingerprint can be observed with command:$ openssl x509 -in <path_to_.pem_file> -outform der | sha1sum -b | cut -d' ' -f1
-
Open your Hexchat and login.
-
Give command:
/msg nickserv cert add <fingerprint>
-
Ctrl + s: Hexchat netwok list will be opened.
-
Add a new
network
-->edit
--> add the server in format<znc_ip>/+<port>
Here,
<port>
can be replaced with 6697 for SSL connection -
Tick mark
- Connect to selected server only
- Connect to this network automatically (and unmark this option from any other network in your hexchat list)
- Use SSL for all the server on this network
- Accept invalid SSL certificates (since the openssl certificate we just generated is not verified by any CA)
-
Change Login method to:
server password
-
Give your
username=<your_username
, and givepassword=<znc_password>
-
Keep the znc running.
-
Connect to new network you created on hexchat (restart hexchat).
Done!
- Intro: https://wiki.znc.in/Introduction
- znc: https://wiki.znc.in/ZNC
- download and install: https://wiki.znc.in/Installation
- hexchat: https://wiki.znc.in/HexChat
- cert: https://wiki.znc.in/Cert