Thursday, July 15, 2010

FiSH

Sparks talked me into installing FiSH encryption plugin for IRC. It looks interesting.  Following notes are for source code install of the AMD 64 version of the plugin for XChat. In the examples below, one end is running on Fedora 13, the other on OpenSuse 11.2.

Steps for install:

1) Go to the FiSH home page.  Click on "FiSH" at the top.

2) Download the source code into a working directory.  Warning! Unzipping the  file will not create a sub-folder so be sure to use a working folder!

3) Download "blow.ini" and save it in ~/.xchat

4) As root, cd into your working directory and unzip the zip file that you downloaded.

5) Create a folder called MIRACL and cd into it via:



mkdir MIRACL
cd MIRACL


6) While still in MIRACL, download and install the Multiprecision Integer and Rational Arithmetic C/C++ Library, via:



wget http://indigo.ie/~mscott/miracl.zip
unzip -j -aa -L miracl.zip


Note: MIRACL's author has declared the library as shareware, stating that it's free for non-commercial use.  Commercial use requires a license (see the README for more info). This is why you won't see FiSH in distros like Fedora or CentOS.

7) Run the included bash script to build miracl.a.  In my case, it was:



bash amd64

8 ) Copy the resulting miracl.a into the next higher folder and move into same, via:



cp miracl.a ..
cd ..


9) Compile the plugin by running:



make amd64

10) Copy the resulting plugin (xfish.so) into XChat's plugin folder via:



cp xfish.so /usr/lib64/xchat/plugins/

That's it for the code install. Using FiSH is simple, if you keep in mind that you shouldn't share keys anywhere except private chat.

Steps for Usage

1) Fire up XChat and go find a friend who's also installed FiSH. (in this example: Sparks)

2) Do a key exchange with your friend (can be open chat)

/keyx Sparks

This causes a Diffie-Helman key exchange so that you can privately chat

3) Open a private chat with your friend by using the /msg+ command

/msg+ Sparks ready to generate a key?

4) Inside private chat, you'll notice that user names are inside brackets, similar to the open chat example below. You or your friend should generate a key. Ways of doing this include (but aren't limited to): manually, the Gnome Password Generator, or Steve Gibson's Ultra High Security Password Generator.

5) Share this password via secure private chat.

6) All participants should run setkey to set the key for group chat. It should look something like:

/setkey y0uR#_pRevi0U51y&Gener4t3d_paSSphra5e

7) Enable "encrypt" and "decrypt" (they are two separate commands).

/encode on
/decode on

After that, your discussion should be encrypted (it should like like gibberish to anyone not having the key). Following is a screenshot showing Sparks and I having an encrypted conversation (note the brackets around the usernames).

As always, if I've made hideous errors, leave me a comment and I'll make corrections. I'll convert this to wiki notes shortly.

4 comments:

  1. I'm looking at building an Ubuntu 10.4 version shortly. I'll update this then.

    ReplyDelete
  2. hi. fairly new at linux.i'm trying to run this setup on my new 64 bit laptop running ubuntu 10.10. I had xchat with encryption working on a 10.04 32 bit desktop. Is MIRACL the software that is making the fish plugin work on 64 bits? I get to step 9 in your doc and get the following error: make: *** No rule to make target `linux'. Stop.

    any help is greatly appreciated.

    ReplyDelete
  3. Tamara,

    Looking in the Makefile, the options (lines that start with a word and a colon) appear to be:

    make all
    make note
    make clean
    make DH
    make misc
    make FiSH
    make mac
    make macosx
    make amd64

    In your case, you probably need just "make all". "make all" will run "make misc", "make DH", and "make FiSH" (in that order).

    Hope this helps...

    ReplyDelete
  4. Tim thanks so much for the quick response. I was finally able to get it working!! Thanks for this write-up.

    ReplyDelete