How to connect ERC over TOR ------------------------------------------------------------------------------- Copyright (C) 2023 oat Author: oat Date: 2023-05-25 Version 0 Revision 0 License The GNU Free Documentation License ------------------------------------------------------------------------------- Content Table I Preface II Acknowlegments III Web page reference IV Glossary 1 Introduction 2 Necesary Software 2.1 Install GNU Package 2.1.1 Guix 2.1.2 gnutls 2.1.3 gnurl 2.1.4 emacs-next 2.2 Install NONGNU Package 2.2.1 tor 2.2.2 nss-certs 2.2.3 openssl 2.3 Instalation Example 3 Tor setting 3.1 Test TOR works correctly 3.1.2 Test Example 4 Register libera chat account 5 Create a self-signed certificate 5.1 Test your certificate 5.1.1 Emacs setting 6 Add your fingerprint to NickServ 7 Emacs ERC over TOR 7.1 Emacs setting 8 Cloaks 9 Appendix 9.A Reference 9.B The GNU Free Documentation License ------------------------------------------------------------------------------- I Preface You will find in this document the necesary software and setting to use ERC IRC client over TOR. ------------------------------------------------------------------------------- II Acknowlegments Special thanks to Neverwas, Corwin, w0lper and Affliction. ------------------------------------------------------------------------------- III Web page reference https://lists.gnu.org/archive/html/emacs-erc/2023-05/msg00021.html https://lists.gnu.org/archive/html/emacs-erc/2023-05/txtApMgS1NpgY.txt https://lists.gnu.org/archive/html/emacs-devel/2020-11/msg00679.htm ------------------------------------------------------------------------------- IV Glossary If you do not know what to do the software mention in this document read its description section manual. Example: man guix ------------------------------------------------------------------------------- Introduction This document was testing on Emacs-29.0.90 with ERC 5.5. It is writen for brand new emacs and erc users. I hope, it was useful to users with more level. The whole process will make from command line. ------------------------------------------------------------------------------- 2 Necesary Software You must be install the software listed to make ERC works correctly over TOR. 2.1 Install GNU Package They are software mantained officialy by GNU project. Please install them in the order show it below. 2.1.1 Guix Install first guix package manager following the instuctions in the URL https://guix.gnu.org/en/videos/2020/installation-from-script/ 2.1.2 gnutls 2.1.3 gnurl 2.1.4 emacs-next 2.2 Install NONGNU Package They are software not mantained officialy by GNU project. Please install them in the order show it below. 2.2.1 tor 2.2.2 nss-certs 2.2.3 openssl 2.3 Instalation Example guix search package-name Press q to exit the search guix install package-name ------------------------------------------------------------------------------- 3 Tor setting Create tor directory Example: mkdir /home/user/.tor/ Locate into tor directory. Example: cd /home/user/.tor/ Create a torrc configuration file. Example: nano /home/user/.tor/.torrc Update torrc Adding the below lines # torrc entry for libera.chat onion service MapAddress palladium.libera.chat libera75jm6of4wxpxt4aynol3xjmbtxgfyjpu34ss4d7r7q2v5zrpyd.onion Save and exit from nano. 3.1 Test TOR works correctly Now you need to be sure TOR works correctly. 3.1.2 Test Example Run the commands below gnurl --proxy socks5h://localhost:9050 https://www.gnu.org/ --cacert /gnu/store/dy3xh053ahkhrp2jamggq8cpsyvp8mg0-python-3.10.7/lib/python3.10/site-packages/pip/_vendor/certifi/cacert.pem | grep 'GNU Operating System' The result show it below means TOR works correctly: % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0The GNU Operating System and the Free Software Movement 100 30855 0 30855 0 0 16805 0 --:--:-- 0:00:01 --:--:-- 16814 Run the commands below gnurl --proxy socks5h://localhost:9050 https://check.torproject.org --cacert /gnu/store/dy3xh053ahkhrp2jamggq8cpsyvp8mg0-python-3.10.7/lib/python3.10/site-packages/pip/_vendor/certifi/cacert.pem | grep 'Congratulations' The result show it below means TOR works correctly: % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 100 5028 0 5028 Congratulations. This browser is configured to use Tor. 0 Congratulations. This browser is configured to use Tor. 0 2420 0 --:--:-- 0:00:02 --:--:-- 2420 ------------------------------------------------------------------------------- 4 Register libera chat account Nickname Registration Follow the instructions in the URL https://libera.chat/guides/registration ------------------------------------------------------------------------------- 5 Create a self-signed certificate Locate on your home directory. Example: cd /home/user/ Execute the command show it below: Example: openssl req -x509 -new -newkey rsa:4096 -sha256 -days 1096 -nodes -out libera.crt -keyout libera.key Getting your fingerprint Example: openssl x509 -in libera.crt -noout -fingerprint -sha512 | awk -F= '{gsub(":",""); print tolower ($2)}' Save your fingerprint 5.1 Test your certificate 5.1.1 Emacs setting Locate on .emacs.d/ directory. Example: cd /home/user/.emacs.d/ Create your init.el configuration file. Example: nano init.el To add the source code show it below into your init.el: (setopt erc-sasl-mechanism 'external) (erc-tls :server "irc.libera.chat" :port 6697 :nick "nick-name" :client-certificate '("/home/user/libera.key" "/home/user/libera.crt")) Save and exit from nano. Run emacs-29.0.90 --debug-init If all work correctly a new buffer will add with IRC connection that means your certificate is correctly. ------------------------------------------------------------------------------- 6 Add your fingerprint to NickServ Example: /msg NickServ CERT ADD your-fingerprint ------------------------------------------------------------------------------- 7 Emacs ERC over TOR 7.1 Emacs setting Update your init.el configuration file. Example: nano init.el Remove your previous init.el configuration file. To add the source code show it below into your init.el (require 'socks) (require 'sasl) (require 'erc) (require 'gnutls) (defun erc-tor () (interactive) (let* ((socks-password "") (socks-server '("tor" "localhost" 9050 5)) (erc-modules (cons 'sasl erc-modules)) (erc-sasl-mechanism 'external) (erc-server-connect-function #'erc-tor-service)) (erc-open "libera75jm6of4wxpxt4aynol3xjmbtxgfyjpu34ss4d7r7q2v5zrpyd.onion" 6697 "nick-name" "full-name" 'connect nil nil nil nil (list "/home/user/libera.key" "/home/user/libera.crt") "libera-chat-account"))) (defun erc-tor-service (name buffer host service &rest parameters) "Connect to ERC via SOCKS proxy with client cert." (print "Begining erc-tor-service") (let* ((proc (socks-open-network-stream name buffer host service)) (cert-info (plist-get parameters :client-certificate))) ;; This automatically sets :type 'gnutls-x509pki (gnutls-negotiate :process proc :hostname host :keylist (list cert-info)))) (custom-set-variables '(erc-modules '(autojoin button completion fill irccontrols list match menu move-to-prompt netsplit networks noncommands readonly ring sasl stamp track))) (custom-set-faces) Save and exit from nano. Run emacs-29.0.90 --debug-init If all work correctly a new buffer will add with IRC connection that means your ERC over TOR is correctly configure. ------------------------------------------------------------------------------- 8 Cloaks Read the URL https://libera.chat/guides/cloaks ------------------------------------------------------------------------------- 9 Appendix 9.A Reference ERC manual Elisp manual Emacs manual 9.B The GNU Free Documentation License https://www.gnu.org/licenses/fdl-1.3.txt