1. Create a spoof hostname on the Hostnames page.
   (Skip these steps if you do not have your own domain or you want to use the preconfigured spoof provided)

   • Click the "Add hostname" button.

   • Fill out the "Hostname" field with the (sub)domain you want to use for the cloak.
     (this should be a name without an existing A/AAAA record)

   • Click the "Add" button. Your newly created spoofed Hostname should now be listed as "not verified".

   • Click the "Edit" button for your newly created Hostname.

   • Add the TXT record as given to your DNS configuration.
     (How you do this depends on where/how your domain is managed)

   • You can click the "verify now" button to check if the configuration is active, but It may take a while for the update to take effect depending on the DNS server configuration (it can be 1 day or more for some configurations).

   • Check the Hostnames page occasionally and it should eventually show the status as "verified".
     Do not remove the TXT record after verification as this will disable the spoofed hostname.

2. Create a your Credentials on Credentials page.

   • Click the "Create credential" button.

   • Select "PLAIN"  in the "Mechanism" drop-down list.

   • Select the hostname for this cloak from in the "Hostname" drop-down list.

   • (Optional) Fill in the IP or CIDR subnet (up to /16 for IPv4 and /48 for IPv6) you connect to IRC from in the "IP address / subnet" field.

   • Fill in the Password with your own choice of password in the "Password" field. The password is case-sensitive.

   • Click the "Create" button. The IRC servers are updated once an hour so wait 1 hour for your change to take effect.

3. Configure your IRC client to connect to one of our IRC-Servers on port 6667.

4. You should now be able to connect with the cloak.

   • Read the MOTD carefully after connecting.

   • Remember the cloaks are personal. Do not share them with others, have them sign up for their own account instead.

   • Your account may be blocked if you break the rules.

If you have any questions or need help, please join #ircnet.

/query *status loadmod sasl

/msg *sasl mechanism PLAIN

/msg *sasl set <username> <password>

/query *status jump

/squery saslservice status

Step-by-step instructions:

1. In the File menu, click Select Server.

2. In the Connect -> Servers section of the mIRC Options window, add a Contempt IRC server (ex. address: open.ircnet2.net - Port: 6667).

3. In the Login Method dropdown, select SASL (/CAP).

4. In the second Password box at the bottom of the window, enter your username, then a colon, then your Credential password (ex. loginID:password)

5. Click the OK button

/network add -sasl_username <login> -sasl_password <password> -sasl_mechanism PLAIN ircnet2

/server add -net ircnet2 open.ircnet2.net 6667

It is possible to connect via SASL in two ways.

PLAIN Mechanism:

/server add ircnet2 open.ircnet2.net/6667 -notls

/set irc.server.ircnet2.sasl_mechanism plain

/set irc.server.ircnet2.sasl_username <nickname>

/set irc.server.ircnet2.sasl_password <password>

/save

/connect ircnet2

ECDSA-NIST256P-CHALLENGE Mechanism:

In your Linux shell:

1. Generate a key:
   openssl ecparam -genkey -name prime256v1 -out ~/.weechat/ecdsa.pem

2. Get public key as base64:
   openssl ec -noout -text -conv_form compressed -in ~/.weechat/ecdsa.pem | grep '^pub:' -A 3 | tail -n 3 | tr -d ' \n:' | xxd -r -p | base64
   (You wil get key e.g. AoxWi1Phgumvf+hFRE91Q60tlcy8oa+IswYoEBjXoEar - SAVE IT!)

3. Go to https://accounts.ircnet2.com
   • Create a credential
   • Login ID: leave it the same
   • Choose mechanism: ECDSA-NIST256P-CHALLENGE
   • Public key: paste the key received in the second step

In WeeChat:

/server add ircnet2 open.ircnet2.com/6667

/set irc.server.ircnet2.sasl_mechanism ecdsa-nist256p-challenge

/set irc.server.ircnet2.sasl_username <login-id>

/set irc.server.ircnet2.sasl_key "%h/ecdsa.pem"                          

/connect ircnet2

This method is much safer, we recommend it!

SASL support is Built into the new Serverlist and into the /server command as of 1.9.9.

To enable SASL in the Serverlist:

1. Set the Login Method to "SASL (username + password)".

2. Set the "Username" to your nickserv nick.

3. Set the "Password" to your nickserv password.

Step-by-step instructions:

1. Open the Network List (Ctrl + S)

2. Click Add and type Contempt, then hit enter and click on Edit.

3. Replace the string newserver/6667 with open.ircnet2.net/+6697

4. In the User name field, enter your primary nick.

5. Select SASL (username + password) for the Login method field.

6. In the Password field, enter your NickServ password.

If everything was configured correctly, you should see a SASL authentication successful message when you connect. You will already be identified to NickServ, so you don’t need to do this again.

You can make your channel more secure by allowing access only to SASL authenticated users.

How to  add restriction:
/mode #channel +r

How to remove restriction:
/mode #channel -r

How to  add restriction in query:
/mode <your-nick> +R

How to remove restriction in query:
/mode <your-nick> -R

If someone else is using your nick on IRC, you can recover it by using the following command twice:

/SQUERY SASLService GETNICK <nick>

Nicks can only be approved by administrators.