SASL is a method that allows identification to services (NickServ) during the
connection process, before anything else happens - therefore eliminating the
/msg NickServ identify. To use SASL, you must
register your nickname.
Libera.Chat requires the use of SASL for certain IP ranges.
SASL Client Configuration
We have instructions on how to configure SASL for some clients, below. If
asked to choose an authentication mechanism, be aware that Libera.Chat does
If you know of any additions or corrections to the lists above, or would like to contribute a script or (better) documentation, contact us on IRC.
Documentation on how to create certificates and add their fingerprints to
SASL EXTERNAL can be found in
the article on NickServ and certificates.
SASL access only IP ranges
Some IP address ranges are configured to require SASL authentication to an
existing NickServ account with a verified email address. Connections from
these ranges will be refused with the message
SASL access only. You can
follow the instructions above to configure many commonly used clients.
To create a NickServ account from a restricted IP address, you can first connect with a web client such as our webchat. Webchat is not affected by the SASL restriction. Once your NickServ account’s email address has been verified you can use that account to satisfy the SASL requirement.
SASL access only restrictions are typically applied to address ranges that are the source of frequent policy violations due to providing easy access to dynamic addresses to a wide range of users. These ranges are typically used by VPN, cloud-computing, and mobile network providers. These restrictions are not targeted at individual users.
Based on content © 2016-2021 freenode/web7.0’s contributors under Creative Commons BY-NC-SA