uniq_

freenode irc over tor (using hexchat)

I thought IRC is stable technology and easy to use in a privacy friendly way. Turns out this assumption is wrong. Here's what I needed to do to get me set up for chatting on freenode over a TOR secured connection:

• install hexchat

  sudo apt-get install hexchat

• start hexchat

• enter nick-names
• select freenode from the list
• click edit
• select: servers: irc.freenode.net
• select: connect to select server only
• select: use ssl for the servers on this network
• select: login method: sasl external (cert)
• click close

• click connect

• register a freenode account:

  /msg nickserv register your_password your_email_address
  

• Wait for an email containing an irc-command to verify your account. Copy and paste that command to hexchat

• restart hexchat, login with auth method: username+password

• create sasl cert and display fingerprint

  mkdir -p ~/.config/hexchat/certs
  openssl req -x509 -nodes -days 365 -newkey rsa:4096 -keyout ~/.config/hexchat/certs/client.pem -out ~/.config/hexchat/certs/client.pem
  chmod 600 .config/hexchat/certs/client.pem
  

• add fingerprint to freenode account

  /msg nickserv CERT ADD
  

• open: settings > preferences > network setup and enter tor proxy
  (defaults to host: 127.0.0.1 port: 9050 type: socks5)

• restart hexchat and edit freenode network settings

• change login method to sasl external

• use the add button to add following domain name as server: freenodeok2gncmy.onion

• click: close

• click: connect

Took my quite a while to figure out what I actually needed to do to get this working. Frankly it feels like a waste when configuration a chat client takes a couple of hours. At least it works now, so see you on freenet eventually.

resources:

• http://www.wikihow.com/Register-a-Nickname-on-Freenode
• https://hexchat.readthedocs.io/en/latest/tips.html
• https://freenode.net/news/tor-online
• https://freenode.net/kb/answer/hexchat
• https://freenode.net/kb/answer/chat