Page 1 of 1

/msg Nickserv getpass nick for services Admins does not okay

Posted: Thu Aug 12, 2004 10:58 pm
by Snoopy2oo4
Hello.
Serviceadmins means I have a problem, no can make Nick interrogation password more. You get always the announcement " authorization not gold empire " is this standard measure ? At that one 3.0 Unrealircd went this still. Ask for aid. To Thanks

Posted: Thu Aug 12, 2004 11:47 pm
by w00t
I don't quite understand this, but it sounds like a services problem rather than a problem with Unreal

Posted: Fri Aug 13, 2004 6:03 am
by Ron2K
OK, let me see if I can decipher this...

Now, the topic contains "/msg NickServ GETPASS nick", so this is evidently a Services issue. (Which should have gone into the Services forum.) Now, the fact that he mentioned services administrators tells me that he's using IRCServices (IIRC, the NickServ GETPASS command is reserved to Services admins only in IRCServices). Now, the fact that he's posting here tells me that it's buggered up.

Right, now that I've deciphered this message, I can get to work solving it.

In IRCServices, the GETPASS command (NickServ or ChanServ) won't work if you have a one-way password encryption module loaded. Which should sound obvious. The only password encryption module that IRCServices currently has uses the MD5 algorithm which, as most people know, is one-way encryption. So that's the problem - you have the MD5 module loaded. However, as MD5 is one-way, the only way to fix this is to unload the module, and then manually reset each and every user's passwords (if your net has a lot of nickname registrations, this will take a very long time). It leaves you with an interesting dilemma: either have password encryption and no GETPASS command, or have GETPASS but no password encryption. It's really up to you.

Posted: Fri Aug 13, 2004 6:17 am
by aquanight
Anope has getpass and service administrators too...

Posted: Fri Aug 13, 2004 9:28 am
by Ron2K
Yes, but does it not work in similar circumstances to IRCServices?

(I don't know, maybe someone could tell me...)

Posted: Fri Aug 13, 2004 12:05 pm
by AngryWolf
To Ron2k: reading your first post, I must say, that's a nice way of thinking!

Anope supports MD5 encryption of passwords, too. When you run ./configure, you'll see the question below:
Do you want to use the MD5 message-digest algorithm to encrypt passwords?
(Selecting "yes" protects your passwords from being stolen if someone
gains access to the Services databases, but makes it impossible to recover
forgotten passwords. There is no way to reverse this operation, so make
sure you really want to enable it.)
[no]
When it's enabled, everytime you use GETPASS, this mesage is returned:
GETPASS command unavailable because encryption is in use
(The same as what IRCServices says.)

Posted: Mon Aug 16, 2004 12:10 pm
by katsklaw
Not to mention that some IRCServices packages can prevent Services Admins from getting other Services admins passwords. Anope for example.

Posted: Mon Aug 16, 2004 12:45 pm
by AngryWolf
I usually don't criticize anyone's English, but I think this time we can avoid confusion by saying, "some IRCServices packages" would be better said as "some IRC services packages", because "IRCServices" (or more officially, "IRC Services") is a kind of IRC services software, like Anope.

Posted: Mon Aug 16, 2004 6:00 pm
by katsklaw
Soryy, some of us are human and make typos, thanks for the astute observation. Secondly that would be grammar mistakes (more specificlly punctuation and pronunciation) ... not English mistakes.

Posted: Mon Aug 16, 2004 6:04 pm
by AngryWolf
Oh, right, thanks for the correction.

Posted: Mon Aug 16, 2004 7:05 pm
by katsklaw
Sorry for being defensive, tis a very weird day. Yes, your correct IRCService is more commonly known as a package in it's self. I think it also blocks Services Admins from using getpass/drop etc on other Services Admins. I know that Anope and Cygnus does.

Posted: Mon Aug 16, 2004 7:41 pm
by AngryWolf
Yes, IRCServices has that feature, too.

Code: Select all

    # NSSecureAdmins  [RECOMMENDED]
    #     When enabled, prevents the use of the DROP, GETPASS, and SET
    #     PASSWORD commands by Services admins on other Services admins or
    #     the Services root.