installations-hilfe ircd2.11.1p1+ssl+soper
Transcription
installations-hilfe ircd2.11.1p1+ssl+soper
Installation eines irc2.11.1p1+ssl+soper -Version 1.1Entpacken mit tar xvfz irc2.11.1p1+ssl+soper.tgz Enthaltende Dateien : modifizierte config.h.by.tuvok und ein Ordner easy-rsa Mit ./configure --prefix=$HOME/ircd211.1p1 --enable-ip6 --enable-ipv6 --with-zlib config.h ---------------#define DEFAULT_INVISIBLE #define MAXCONNECTIONS 500 #define MAXIMUM_LINKS 10 #define HUB #define CRYPT_OPER_PASSWORD #define CRYPT_LINK_PASSWORD #define LEAST_IDLE - kann man verändern wenn man möchte #define HELLO_MSG "Please wait while we process your connection." #define CLIENTS_CHANNEL #define CLIENTS_CHANNEL_LEVEL (CCL_CONN|CCL_QUIT|CCL_NICK|CCL_CONNINFO_SSL) #define XLINE # define ZIP_LEVEL 4 #define SPLIT_USERS 0 #define SPLIT_SERVERS 0 - wenn man möchte #define USE_SSL #define ZIP_LINKS make all make install ircd.conf ----------------für SSL benötigt man in der ircd.conf eine Z Line (Zwischen der P und Y Line) Z%/home/ircd/ircd211.1p1/etc/sslcerts/server.crt%/home/ircd/ircd211.1p1/etc/sslcerts/server.key%/home/ircd/irc d211.1p1/etc/sslcerts/ca.crt Für soper muss in der O-Line ein Flag @ eingetragen werden, damit man die soper Befehle nutzen kann. Beispiel: # O:<TARGET Host NAME>:<Password>:<Nickname>:<Port>:<Class>:<Flags(@soper)> O%*@127.0.0.1%a7Ow5r.7j/0dU%nick%%12%@ % Alle anderen Flags bitte aus irc2.11.1p1+ssl+soper/doc/2.11-New entnehmen. Für die <SID> also die Landes Kennzeichnung bitte irc2.11.1p1+ssl+soper/doc/ISO-3166-1 lesen. M%irc6.dialin-net.de%ip-address%Germany, Sontra v6 only%6666%276A (der Buchstabe bedeutet es ist Server 1) SSL- Certifikate erstellen folgendes ist zu tun: im dir ircd211.1p1/etc/ einen Ordner namens sslcerts anlegen danach aus dem Ordner irc2.11.1p1+ssl+soper den ordner easy-rsa in den Ordner ircd211.1p1/etc/sslcerts kopieren. in den Ordner ircd211.1p1/etc/sslcerts/easy-rsa wechseln . ./var (zwischen den 2 Punkten bitte eine Leerzeile lassen) ./ clean-all ./build-ca Generating a 2048 bit RSA private key ............+++ ..+++ writing new private key to 'ca.key' ----You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----Country Name (2 letter code) []:DE State or Province Name (full name) []:Hessen Locality Name (eg, city) []:Sontra Organization Name (eg, company) []:HomeNET Organizational Unit Name (eg, section) []:HomeNET Common Name (eg, your name or your server's hostname) []:irc6.dialin-net.de Email Address []:[email protected] ./build-key-server <Name> (z.b. server) Generating a 2048 bit RSA private key ...................+++ .................................................................+++ writing new private key to 'server.key' ----You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----Country Name (2 letter code) []:DE State or Province Name (full name) []:Hessen Locality Name (eg, city) []:Sontra Organization Name (eg, company) []:HomeNET Organizational Unit Name (eg, section) []:HomeNET Common Name (eg, your name or your server's hostname) []:irc6.dialin-net.de Email Address []:[email protected] Please enter the following 'extra' attributes to be sent with your certificate request A challenge password []:HomeNET An optional company name []:HomeNET Using configuration from /home/ircd/ircd211.1p1/etc/sslcerts/easy-rsa/openssl.cnf Check that the request matches the signature Signature ok The Subject's Distinguished Name is as follows countryName :PRINTABLE:'DE' stateOrProvinceName :PRINTABLE:'Hessen' localityName :PRINTABLE:'Sontra' organizationName :PRINTABLE:'HomeNET' organizationalUnitName :PRINTABLE:'HomeNET' commonName :PRINTABLE:'irc6.dialin-net.de' emailAddress :IA5STRING:'[email protected]' Certificate is to be certified until Nov 23 23:17:27 2017 GMT (3650 days) Sign the certificate? [y/n]:y 1 out of 1 certificate requests certified, commit? [y/n]y Write out database with 1 new entries Data Base Updated Die erstellten *.crt und *.key bitte aus dem Ordner /easy-rsa/keys/ in den Ordner ircd211.1p1/etc/sslcerts kopieren. Theoretisch sollte das ganze nun so funktionieren…. ☺ Created 28.11.2007 Dokumtentation by Markus 'tuvok' Schwarz Hilfe & Patches by Grega 'fiction' Pogacnik Hilfe & SSL Certs by Johannes 'josai' Saidler