Using SSL to connect to freenode in weechat
If NickServ is right, I've been using Freenode for more than 10 years:
NickServ (NickServ@services.): Registered : May 09 23:49:42 2001 (10 years, 1 week, 1 day, 21:51:41 ago)
During all that time, I've used a variety of IRC clients like BitchX, Epic4, Irssi and, lately, WeeChat.
Today I had to connect to the network from an insecure connection. Usually in a situation like that, I just open an ssh connection to a safe host and then I connect to Freenode from that host.
But today I did remember that Freenode offers the posibility to use SSL encrypted connections when connecting to the network.
In order to get that working in WeeChat, you only have to download the SSL CA cert from http://freenode.net/faq.shtml#sslaccess and save it somewhere in your home directory (~/.weechat/ would be a perfect place for that). Then you have to edit your configuration file (~/.weechat/irc.conf in recent versions of WeeChat) and locate the ssl settings:
ssl = off ssl_cert = "" ssl_dhkey_size = 2048 ssl_verify = on
By default ssl is disabled, you only have to enable it, set the path to the SSL CA cert you've downloaded from the Freenode website and, important, modify the value of the ssl_dhkey_size parameter, from the default value (2048) to 1024 (otherwise weechat will complain and refuse to connect to the server). You will end with something like:
ssl = on ssl_cert = "/home/wu/.weechat/GandiStandardSSLCA.crt" ssl_dhkey_size = 1024 ssl_verify = on
Then you will have to modify the address parameter of your freenode connection, from the non-ssl configuration:
freenode.addresses = "chat.freenode.net/6667"
to the ssl-enabled one:
freenode.addresses = "chat.freenode.net/7000"
And finally you can start WeeChat and you will notice you are using an SSL-enabled connection because your user will be marked with the Z flag:
[00:02] [8] [irc] 1:server[freenode] [Lag: 0,090] [Act: 7,5,6,2,8] [Wu(Zi)]