Forcing SSL for olines.

[unwilling]

Is it possible to require olines to be using ssl in order to /oper successfully?

I swear I remember seeing an ssl; option mentioned somewhere, but I can't seem to find it.

Thanks!

[Jobe]

http://www.unrealircd.com/modules/view/34 will help you.

But bear in mind, it still doesn't make O:Lines secure, because an oper still has to send his/her password over plain text BEFORE theyre told that they cant oper without using an SSL port.

However if you us sslclient cert (use is detailed in http://forums.unrealircd.com/viewtopic.php?f=3&t=4181) it wont matter if a user tries to oper using non-ssl as they wont have a password to be sent over plain text anyway. As it will only use their clients ssl cert when connected via SSL.

[unwilling]

Thats a very good point. Thank you very much for your suggestion, we will probably implement certs eventually.

[alchemy]

http://www.unrealircd.com/modules/view/34 will help you.

I loaded this module, and as soon as a non-SSL client tried to oper up, it crashed my server/Unreal3.2.7

[Jobe]

I loaded this module, and as soon as a non-SSL client tried to oper up, it crashed my server/Unreal3.2.7

That's a risk you take using modules I'm afraid.

My alternative suggestion listed in this thread is a better solution and doesn't allow the password to be sent in plain text even if the /oper will be unsuccessful.

[Stealth]

The best way to allow only SSL opering that is supported by the core is to only allow your opers to have SSL certificates for authentication.

You can get more information from my tutorial on doing this here: http://forums.unrealircd.com/viewtopic.php?f=3&t=4181