How-to: Linking servers

These are old archives. They are kept for historic purposes only.
Syzop
UnrealIRCd head coder
Posts: 2112
Joined: Sat Mar 06, 2004 8:57 pm
Location: .nl
Contact:

Post by Syzop »

unless, as you pointed out, the dumbasses use "*"
Actually I do use that, or.. options::nohostcheck which basically means the same in this context. I need to, since I and the server I link to have both dynamic IPs. So not having "IP checks" isn't that uncommon.

Anyway, to summarize.. choose good passwords, and use SSL if you can. Don't rely on IPs for authentication.
I don't understand why people don't choose good passwords for link blocks anyway, you don't even have to remember the password.. you only have to store it on 2 sides and then you can forget about it ;).
pomme
Posts: 7
Joined: Sat Oct 09, 2004 6:30 am

Post by pomme »

Well, this is why I wanted to make a module for opers to do a challenge/response login. Challenge/response authentication is one method of authentication recommended by CERT.ORG, and is believed by many to be far more secure than any other method. I've started with a simple one that works for one oper, but for the module to work the way it should, I'd need to have a new conf item placed in the oper {} block.

1) The (public) key's filename is stored in the oper::password item as a string. A new authtype will also be needed to ensure people cannot do /oper name /path/to/keyfile.

2) I also need an item in the oper {} block that cannot be used, perhaps one that is hidden, which will store the contents of the key for each oper {} block. This would be like RSA *key.

I've put this feature request in the bug reports, but I guess it won't get added. I can alternatively have the keyfile loaded each time someone tries to challenge, but that would badly kill the CPU if flooded (even with a slow flood). It's best to load/reload the key when you /rehash, and when the server starts.
katsklaw
Posts: 1124
Joined: Sun Apr 18, 2004 5:06 pm
Contact:

Post by katsklaw »

ircd-ratbox does something to this effect already if you need source code examples.
jenga201
Posts: 2
Joined: Tue Nov 23, 2004 11:25 am

Post by jenga201 »

I worked through all of the other problems i've had, but i'm not sure what to do about this one.

The only error my two servers gives me is that a server numeric is colliding.

I know it's not supposed to be the same number. My server1 has a numeric of 203 and my server2 has a numeric of 189.

I've tried many different combinations, and it's always the same error.

Server1--me block has numeric 203
link irc.revos-host.net {
username *;
hostname (IP of Server2);
bind-ip *;
port 10000;
hub *;
password-connect "password";
password-receive "password";
class servers;
options {
autoconnect;
};
};

Server2--me block has numeric 189
link irc.saiyan.net {
username *;
hostname (Ip of Server1);
bind-ip *;
port 10000;
hub *;
password-connect "password";
password-receive "password";
class servers;
options {
autoconnect;
};
};


Thank you
Dukat
Posts: 1083
Joined: Tue Mar 16, 2004 5:44 pm
Location: Switzerland

Post by Dukat »

Please open a new thread for a new problem...


Anyway - you have to restart the servers after editing the me block.
jenga201
Posts: 2
Joined: Tue Nov 23, 2004 11:25 am

Post by jenga201 »

Thank you for that advice. I didn't know i had to restart the server, i thought i just had to rehash it.

Sorry about not starting a new thread, but i thought there was enough threads pertaining to this topic.
ARcanUSNUMquam
Posts: 17
Joined: Fri Apr 01, 2005 1:31 am
Contact:

Re: How-to: Linking servers

Post by ARcanUSNUMquam »

Ron2K wrote:

Code: Select all

link server2.yourdomain.tld{
	username *;
	hostname 5.6.7.8;
	bind-ip *;
	port 8097;
	hub *;
	password-connect "LiNk";
	password-receive "LiNk";
	class servers;
};
Ron2K wrote:

Code: Select all

link server1.yourdomain.tld{
	username *;
	hostname 1.2.3.4;
	bind-ip *;
	port 8067;
	hub *;
	password-connect "LiNk";
	password-receive "LiNk";
	class servers;
};
You're missing a space in between the server names and the {. Is that an error, or am I making a newbie mistake?

I'm thinking it should be:

Code: Select all

link server2.yourdomain.tld {
	username *;
	hostname 5.6.7.8;
	bind-ip *;
	port 8097;
	hub *;
	password-connect "LiNk";
	password-receive "LiNk";
	class servers;
};
and

Code: Select all

link server1.yourdomain.tld {
	username *;
	hostname 1.2.3.4;
	bind-ip *;
	port 8067;
	hub *;
	password-connect "LiNk";
	password-receive "LiNk";
	class servers;
};
Ron2K

Post by Ron2K »

Corrected, thanks for the report. (I'm surprised that no-one noticed this earlier...)

I think I might also add information about backup links (the deny link block one) and circular topologies (which can't happen), which seems to have been asked a lot lately. Watch this space.

EDIT: Done.
SajaN

i pasted my error

Post by SajaN »

Link denied for indianfriends.no-ip.info([email protected]) (Server is in link block but IP/host didn't match) [@84.242.10.1944]



That's my erroor while linking servers
So any one can help me out there?
Stealth
Head of Support
Posts: 2086
Joined: Tue Jun 15, 2004 8:50 pm
Location: Chino Hills, CA, US
Contact:

Post by Stealth »

Link denied for indianfriends.no-ip.info([email protected]) (Server is in link block but IP/host didn't match) [@84.242.10.1944]

That's my erroor while linking servers
So any one can help me out there?
Please start a new tread for this!

I think it is time someone locks this thread, so I will.
Locked