This tutorial shows the installation of an IRC server with IRCD-Hybrid and Anope on Ubuntu 15.04 and how to secure the IRC connections with SSL.
About IRC
IRC (Internet Relay Chat) is a text-based chat protocol which has an open specification. There are several IRC servers and clients available which implement IRC.
IRCD-Hybrid is a lightweight, high-performance Internet Relay Chat daemon used by e.g. EFnet. We will use this software in our tutorial for Ubuntu 15.04.
Anope is a set of IRC Services that provides flexibility and ease of use with support for 15 IRCds including IRCD-Hybrid. Anope is available in 2 versions: Stable and Development. We will use the Stable version here.
Prerequisites
- An Ubuntu 15.04 server, I will use the IP 192.168.1.109.
- Root Privileges
What we will do in this tutorial:
- Install the required dependencies.
- Download and install IRCD-Hybrid.
- Download and install Anope.
- Configure IRCD-Hybrid.
- Configure Anope Services.
- Adding SSL to IRCD-Hybrid.
- Testing.
Step 1 - Installation of the required dependencies
We need OpenSSL and the gcc compiler for the installation. The Linux Build tools are available in the meta package "build-essential" and we need the Make tool CMake for the Anope installation. Install the packages with the "apt" command:
sudo apt-get install build-essential cmake openssl libssl-dev
Step 2 - Download and install IRCD-Hybrid
1. We will install IRCD-Hybrid from source. Download the source files from sourceforge and extract them in your home directory:
sudo su
cd ~
wget http://prdownloads.sourceforge.net/ircd-hybrid/ircd-hybrid-8.2.8.tgz
tar -xzf ircd-hybrid-8.2.8.tgz
2. Please go to the directory "ircd-hybrid" with "cd" command:
cd ircd-hybrid-8.2.8
3. Now before you compile and install the software, you have to set a directory for ircd, and the user to run the software. This what i will do:
- Install ircd-hybrid under user "mavis".
- Install in a directory called "hybrid", under mavis home directory. "/home/mavis/hybrid/".
If you dont have a user "mavis" yet, add one with the command:
adduser mavis
Now run this command with "root" privileges to configure and compile ircd:
./configure --prefix=/home/mavis/hybrid
make && make install
Now go to the mavis home directory and change the owner of the "hybrid" directory.
cd /home/mavis
chown -R mavis:mavis hybrid
Step 3 - Download and install Anope Services
1. Download anope with the wget command and extract the tar.gz file:
sudo su
cd ~
wget https://github.com/anope/anope/releases/download/2.0.2/anope-2.0.2-source.tar.gz
tar -xzf 2.0.2.tar.gz
2. Then enter the anope directory.
cd anope-2.0.2-source/
3. And compile and install anope. These are the same steps that we used to install ircd-hybrid. I will install it under user "mavis" as well into the directory "services".
Now run this as "root" privileges :
./Config
and you will be asked "where do you want to install" anope. Enter the following directory "/home/mavis/services/" and then press "Enter".
Next enter the "build" directory and then use a command "make && make install" to compile and install anope services.
cd build
make && make install
When the installation is complete, go to the mavis home directory and change the owner for directory "services" to user "mavis".
cd /home/mavis/
chown -R mavis:mavis services/
Step 4 - Configure IRCD-Hybrid
1. Before you edit the configuration file, please generate a password with "mkpasswd" command in the "bin" directory. This password is used later for the admin/operator access.
cd ~/hybrid/bin
./mkpasswd
type your password
2. Now switch to user mavis to configure ircd-hybrid. Please go to the directory "hybrid/etc/" and copy a file "reference.conf" to a new file "ircd.conf".
su - mavis
cd hybrid/etc/
cp reference.conf ircd.conf
3. Edit the file ircd.conf with the vim editor.
vim ircd.conf
Go to line 40 - the serverinfo block - and change it to your server info, below my example:
name = "mavis.local"; description = "ircd-hybrid Mavis server"; network_name = "MavisNet"; network_desc = "This is Mavis Network";
Now edit the admin info in line 195:
name = "Mavis Admin"; description = "Mavis Server Administrator"; email = "<vermillion@mavis.local>";
and in the auth block on line 428, comment "flag" the option:
# flags = need_ident;
and set the oprator or admin for irc server in line 437 :
name = "mavis"; #operator username user = "*@192.168.1.*"; # this is my network IP password = "$1$zylz9BKK$AQg/dc/Ig04YuvPgkCtFK0"; #password generated with mkpasswd encrypted = yes;
And finally you have to "define a server to connect to" in the connect block line 566. The configuration is use by ircd-hybrid for the connection to anope :
name = "services.mavis.local"; host = "192.168.1.109"; #server ip send_password = "12345"; #use your password accept_password = "12345"; port = 6666;
Then save the configuration file.
4. Start ircd-hybrid in bin directory
cd ~/hybrid/bin/
./ircd
Try connect to your IRC server with an IRC client like mIRC, hexchat or xchat.
/server 192.168.1.109
Login with user mavis, try to be an operator/admin.
/oper mavis aqwe123
Step 5 - Configure Anope Services
1. Go to the anope installation directory as user "mavis" and copy the file "example.conf" to the new file "services.conf".
su - mavis
cd ~/services/conf
cp example.conf services.conf
2. Edit the configuration file with the vim editor.
vim services.conf
Edit the uplink block in line 154 - this is used by anope for the connection to ircd. Make sure this configuration matches with connect block in the ircd configuration.
#Server IP
host = "192.168.1.109" port = 6666 #default port is 7000 password = "12345"
Then change the serverinfo block in line 198 and make sure it is matches with the connect block in the ircd-hybrid configuration.
name = "services.mavis.local"
Finally you have to define the ircd software that you use in the module block in line 260. Change "inspircd20" to "hybrid".
name = "hybrid"
Save the configuration file.
3. Run the anope services.
cd ~/services/bin
./anoperc start
Now you can check that the anope services are connected with ircd-hybrid. Connect to the IRC server and check with this command:
/whois ChanServ
Step 6 - Add SSL to IRCD-Hybrid
1. Before you edit the ircd-hybrid configuration, you have to generate a SSL certificate for ircd. Please go to the "hybrid/etc/" directory.
cd ~/hybrid/etc/
And generate a private rsa.key with the openssl command, change the permission to 600 with chmod:
openssl genrsa -out rsa.key 2048
chmod 600 rsa.key
Now generate the SSL certificate for the encrypted client connection with our rsa.key private key:
openssl req -new -days 365 -x509 -key rsa.key -out cert.pem
Enter your data like Country etc. when requested by OpenSSL.
and the last, generate a dhparam file with command :
openssl dhparam -out dhparam.pem 2048
Just wait, because it will take some time.
2. Now go to the hybrid directory and edit the configuration file "ircd.conf".
cd ~/hybrid/etc/
vim ircd .conf
Uncomment the ssl configuration in the serverinfo block:
rsa_private_key_file = "etc/rsa.key"; # Line 114 ssl_certificate_file = "etc/cert.pem"; # Line 136 ssl_dh_param_file = "etc/dhparam.pem"; # Line 151
And finally you have to comment the host in the listen block at line 353.
# host = "192.168.0.1";
Save and exit.
3. Restart ircd-hybrid and anope:
killall ircd
~/hybrid/bin/ircd
~/services/bin/anoperc start
Step 7 - Testing
Try to connect to your IRC server with an IRC client, I'll be using Hexchat here and see what happens:
/server -ssl 192.168.1.109 6697
note : 6697 is default port for SSL Connection on ircd-hybrid.
Now you can see that we are connected with SSL and that we can be a operator/admin of our server, so the anope is working.
Conclusion
Internet Relay Chat(IRC) is an open (client/server) protocol for text-based chats, it is one of the foundations of the internet and still used by many developers and sysadmins. The IRC Server is a computer/server running an IRC daemon, the IRC client is a small program that the user can install on their system as chat client. IRCD-Hybrid is an lightweight and easy to configure IRC Daemon with support for SSL connections to secure the IRC network. Anope is a set of services for IRC Networks. With anope you can easily manage your IRC network. IRCD-Hybrid, Anope and SSL are one of the best solutions to build your own IRC Server.