BitlBee and security

yama · 2009-02-16 00:32:55

I wanted to try a cli based MSN client (to slim down my system a little more) and it seem like BitlBee is the only one that is still alive, allthough its been some months since the last update. But when i searched around for how to get started (adding my MSN account and such) i read on some site that its security is something that you should have in mind. This due to its use of public servers since the password and usernames are sent in plain txt (not encrypted). So then the admins can steal the passwords and "take over" your account. I cant really understand why someone would steal someones MSN account but i still find it to be a reason to not use it. I then started searching around to find out how to put up my own server since that would eliminate that problem (according to whats written in the guide), but couldnt find out how to. And since i am not really into the whole IRC thingie (as i understand its use via a irssi client) it would also be nice to know if i had to put up the server after i reboot my computer. Or if i misunderstand and its started up as a "normal" program just used via a irssi client.

And if you would recommend another cli based MSN client i would appreciate if you let me know. Or if sticking with GUI is the best option.

All help is appreciated

SamC · 2009-02-16 00:36:15

Just install it, enable it in /etc/xinet.d/bitlbee.conf, and then start the xinetd daemon and connect to localhost.

Edit: Or you could have just searched the wiki.

Last edited by SamC (2009-02-16 00:36:47)

yama · 2009-02-16 00:54:04

Thanks for your fast reply.

Yes. i did read the posting in the wiki. So starting the daemon and starting the program and logging in start the private server? Sorry, i must have misread it. But if it is not harder to use a private server and eliminate the security issue i will with no doubt give it a go.

kludge · 2009-02-16 04:47:16

i effing love bitlbee, and use it with weechat. since i have no use for the daemon when i'm not running a chat client, i added

alias weechat='sudo /etc/rc.d/bitlbee start && weechat-curses && sudo /etc/rc.d/bitlbee stop'

to my .bashrc.

i think there's a cleaner way to achieve this (bitlebee -D, maybe?), but i haven't bothered yet.

yama · 2009-02-16 09:05:25

Thanks for the tip. That seem like a nice command. But (and i am sorry for my lack of knowledge) what is the advantage of starting and stopping the daemon in the same command?

kludge · 2009-02-16 09:17:38

it's not really one command; it's three. the '&&' means 'do this, then, if it exits with no errors, execute the next'.

so, it's really:

1.) start bitlbee in daemon mode using the rc script (and if that works alright and once it exits)
2.) start weechat-ncurses (and if that works alright and until it exits)
3.) stop the bitlbee daemon

like i said, i'm sure there's a cleaner way to do this--one that doesn't require entering a password at startup *and* shutdown. i just haven't bothered to figure it out yet.

Last edited by kludge (2009-02-16 09:20:29)

yama · 2009-02-16 09:34:26

oh. now i understand.

Thanks for clearing that up

Arch Linux

#1 2009-02-16 00:32:55

BitlBee and security

#2 2009-02-16 00:36:15

Re: BitlBee and security

#3 2009-02-16 00:54:04

Re: BitlBee and security

#4 2009-02-16 04:47:16

Re: BitlBee and security

#5 2009-02-16 09:05:25

Re: BitlBee and security

#6 2009-02-16 09:17:38

Re: BitlBee and security

#7 2009-02-16 09:34:26

Re: BitlBee and security

Board footer