Copyright 2006-2008
Patrick R. McDonald <marlowe@antagonism.org> (GPG key)This document last modified Saturday, 02-Aug-2008 08:04:18 PDT
More and more, governments and corporations attempt to read your personnel network communications. From the illegal wiretaps by National Security Agency (NSA) to Sweden's new law requiring all network traffic orginating to or from Sweden be archived, no one is safe. A recent study even showed one out of every three system administrators viewed resources, including your private data, to which they were not allowed access. Being these individuals have access to the network path, network based encryption can not be the only answer (think MitM attacks). Fortunately, Off-the-Record (OTR) messaging provides a solution around this issue.
OTR provides four major points to help ensure private conversations: encryption, authentication, deniability and perfect forward secrecy. This page discusses these points in greater detail. Most people associate OTR with instant messaging (IM). However, IRC is also capable of using OTR. Currently there are two options which allow OTR over IRC. The first is Pidgin. The second is irssi. The rest of this document will discuss the installation and configuration of irssi-otr to enable OTR communications between IRC users.
The first step is to download the latest version of irssi-otr from irssi-otr homepage. The software author offers downloads via both HTTP and git. Download the latest version through your preferred method. Make sure you have the required packages installed: libotr, glib, irssi, cmake, pkg-config, python and wget. The INSTALL file details the requirements for these packages.
The below example demonstrates how to install irssi-otr downloaded via HTTP. If you downloaded irssi-otr with git, you do not need the "-DIRSSIOTR_VERSION" option in the "cmake" line. Make sure to put the appropriate version number.
% tar zxvf irssiotr-HEAD.tar.gz
% cd irssiotr
% cmake -DIRSSIOTR_VERSION=0.1 .
% make
% sudo make install
Once you have irssi-otr installed you need to load the module in irssi. This is accomplished by running a "/load otr" in the irssi interface. The first time you load OTR you need to create a OTR key. You do this by running the command "/otr genkey nick@irc.domain.xyz" where "nick" is your IRC nickname and "irc.domain.xyz" is the IRC server's fully qualified domain name. You confirm the creation of the key by looking in ~/irssi/otr/otr.key. After this, you simply need to write something in the chat room, wait 10 seconds and your communications should become secure. The README covers these commands and others. It is highly recommended you read this document and understand it before deploying irssi-otr.
Copyright 2006-2008
Patrick R. McDonald <marlowe@antagonism.org> (GPG key)