Linux Shell Accounts

Introduction

If you know nothing about bncs, a bnc is short for a 'bouncer.' A bnc acts as a proxy for irc, allowing you to hide your real IP address and use a vhost (vanity host - something like 'this.is.a.l33t.vhost.com'). What are the advantages of this? Well, mainly there's just one important one: It'll stop stupid packet kiddies from trying to knock you off the network. Everyone hates getting disconnected, and with a bnc on a decent shell, you should be pretty immune. Remember though: the kiddies can still nuke you, but it is assumed that the shell provider has a high-bandwidth line that allows it to withstand the numerous packets. If your shell is on a 56.6, you'll still be screwed.

So... why psybnc? There are a variety of other open source bnc's available for you to download, most notably EZBounce and plain-ol BNC. Both of these do the exact same basic thing as psybnc: hide your real host. But that's about where the similarity ends. I've been using psy for about three months now, and I'm in love with all the features that it offers. To name a few:
1. You'll always be connected to irc. Even when you close mirc, psy will maintain your connection, so when you connect later, you'll instantly be back on the channels you left. This also lets you hold your nick (if you need that feature), or hold ops on a channel.
2. psy hides your IP even in DCC sessions. In other bncs, a direct client-client session is opened, thus revealing your IP. In psy, the connection is bounced through the shell, and your IP remains your dirty little secret ;)
3. You can link multiple psy's together. This allows you to share vhosts, and also create a small ircd, termed the 'internal' network on the bncs.

There are tons more features, but you can just download the source and view the README.

Now... for the first part of this tutorial, the Basic section, I assume you have little or no experience with shells/irc. For the Intermediate section, though, I assume you can hold your own. For most users, the Basic is as far as they need to go, but all the fun stuff is a bit more complicated.

Configuring and Compiling

Hopefully you have already downloaded the source. If not, you can find it here: http://www.psychoid.lam3rz.de. After you have downloaded that, fire up your favorite ftp client and upload it to the root directory of your shell. The next step is to decompress this file (.tar.gz is kinda like a .zip file for all you windoze ppl out there). To do this, type "tar -zxvf psyBNC2.2.1.tar.gz" Notice that it's case-sensitive. Everything in unix is case-sensitive. Keep that in mind for everything in the future.

If you typed the correctly, you should have a "psybnc" directory on your shell. Change to it ("cd psybnc"). Do "ls -al" and ogle over all those files. Now, this next part is where it gets a bit harder. psyBNC includes a GUI for configuring the bnc. However, this requires ncurses to be installed on your shell, something a bunch of shells do not have. In my experience, most flavors of linux have it installed, but most others (FreeBSD, etc) don't. So, give it a whirl. type "make menuconfig" If you get a GUI, congrats: the configuring process is much easier. If not, well, welcome to my world ;) With menuconfig, the GUI is very easy to follow: obviously an [X] denotes that the option is selected, while [ ] indicates it's not.

For all those stuck doing it by hand, after each option I explain how to set it. For all the compiling options, everything is placed in the file config.h, which is found in the psybnc directory. Just open that file with your favorite editor on the shell (I use and recommend pico -> type "pico config.h"). In this file, if you want something added, it has to be defined. Such as: #define INTNET adds support for the internal network. I list each option below, and tell you how to define it, which is shown in blue.

Compiling options

Support Encryption - This encrypts all your passwords, and enables support for channel encryption, relay encryption, etc... I highly recommend you leave this enabled. #define CRYPT

Encryption Type: (default = Blowfish) - I'm not an encryption genius. I have no clue if Blowfish is better than IDEA or vice-versa. I just leave it as Blowfish. #define BLOWFISH or #define IDEA

Support Translation - This lets you type in english (or whatever your language is) and have the text in the channel appear in a different language. You'll have to see the README for more information: I don't use this feature. #define TRANSLATE

Support Internal Network - This lets you use the internal ircd that psy has. Think of it as a big partyline where you can set modes/bans/topic/etc... I like it, and I recommend you leave it enabled. #define INTNET

Support Traffic Logging - This enables support for logging channels when you're not around. It can be handy, but it can also eat up your shell disk space VERY fast. So be careful if you enable this. (note: you can leave support for it enabled here, then disable it after it is compiled by simply turning it off) #define TRAFFICLOG

Support Linkage - If you want your bnc to link to others (or others to link to yours), enable this. I use it. #define LINKAGE

Support DCC Files / DCC Chat - Most people use these features, so leave em be. #define DCCFILES and #define DCCCHAT

Mode: Multiuser or Singleuser - Duh. If you're going to share your bnc, set it to multi. If it's just you, set it to Single. #define MULTIUSER or #define SINGLEUSER

Maxium users - self-explanatory #define MAXUSER n (n = # of users)

Maximum connections - this is the number that each user can have. They need at least 2 (incoming/outgoing) and more for dcc's, multiple networks, etc. I suggest leaving it at 25. #define MAXCONN n (n = # of connections per user)

Support Scripting - psyBNC allows user-specific scripts. I will not discuss that in this tutorial, but it doesn't hurt to leave support for it enabled. #define SCRIPTING

Support oIdentd - If your shell supports it, this allows users to change their ident. Most don't support it. I don't use it. (for more info on oIdentd: http://www.sourceforge.net) #define OIDENTD

Support Multiple IRC Networks - This allows users to connect to >1 network with the same client. Hence, in one mirc session, the user could be on efnet, dalnet and ircnet. I love this feature and recommend you leave it enabled (even if you don't plan to use it now). #define NETWORK

Support proxy usage - If you want to further anonymize your connection by bouncing mirc-->bnc-->proxy-->irc, enable this. But since most irc servers check for open proxies, this won't work in many cases. #define PROXYS

Anonymous Bouncer Usage - Want the whole world to use your bnc? Then enable this! (not recommended) #define ANONYMOUS

No Permanent IRC-Connections - If this is enabled, psy will disconnect you from irc when you disconnect rom the bnc. Otheriwse, you'll always stay connected to irc unless you force it to quit. #define DYNAMIC

Loglevel - 3 different options here, choose your poison. I prefer to leave them all enabled since I like to know everything going on with my bnc. #define LOGLEVEL n (where n is: 0 = Errors, Warnings and Info; 1 = Errors and Warnings; 2 = Errors only)

Use the 2.1.1 compatible partyline - If you're going to be linking to old psy's, this might be good to enable. But if you're the only bnc, or if they're all 2.2.1, no need to enable this option. #define PARTYCHANNEL

Version reply - Set the reply psybnc will send when someone sends you a CTCP VERSION query. (note: when you are connected to the bnc, psy will be transparent, all ctcp's will be answered by mirc. When you're not connected, psy will only answer to the version ctcp as set by this option.) #define CTCPVERSION "reply" where reply is whatever you want to set... psy defaults to: "psyBNC 2.2.1 by the most psychoid"

Once you have all these options set, you have two choices: If you're using menuconfig, skip to the next step. If you're doing it manually, this is where you actually want to compile your bnc. It's very easy to do. Simply type "make" in the psybnc directory. It won't take long to compile. Once it's done, go on to the next step.

Configuring options

If you're using the GUI, all these options are accessable under the Bouncer-Config part of the menu. If you're not using the GUI, all these options are in psybnc.conf, which is created in the psybnc directory after it is compiled. To edit these options manually, just edit this file. The Appendix has the proper syntax for each option, go there and look at them.

Before going through these options, do the following: know the IP of your shell. for example, if you connect to "l33t.shell.com", go into mirc and type "/dns l33t.shell.com" to get the numeric IP. Also, choose a port for the bnc. I recommend some random number that no one will guess. Ok, on to the options:

Listening ports - You have to tell the bnc where to listen. You can have it listen on more than one port on the same IP, on multiple IPs with the same port, etc. For most people, listening on just one port on one IP is adequate. (the psy default is 31337, and you can leave it at that if you're lame)
Links - Don't worry about this now.
Bouncer Name - Name your bnc. Something like "mypsy1" will work just fine.
Host Allows - Want to restrict access to certain IPs or certian IP masks? This is the place to put those permissions. psy will disallow access to anyone not listed here. To allow anyone (provided they have the correct username and password) set this to "*".
Users - At this point, you want to just add yourself. Adding other users will be discussed in more detail later. In menuconfig, just select this, select "New" then follow the directions. Remember that to connect to psybnc, your ident in mirc must be set to your psybnc username. For all those manual people, jump down to the Appendix, which is where you should be anyway.
DCC Host - The IP to use for all your DCC sessions (if you defined DCC support). I recommend setting it to the same IP that your bnc is listening on for simplicity.
Congrats, your setup is complete. If you haven't done so already, it's time to compile your bnc by typing "make" at the shell prompt in your psybnc directory. Then type "./psybnc" to start the bouncer. Hopefully everything went smoothly and you're ready to jump into the next section:

Setting up your Account

The first thing you need to do is connect to your bnc. In mirc, open up the connect dialogue box and add in another server. Name it "My BNC" or something like that, enter the IP and port, and enter the password that you chose (either through menuconfig or in the conf file). Now make sure that your ident is set to your username. It's also a good idea to set your e-mail address to "username@whatever.com". If psy can't get an ident response from you, it checks your e-mail addy as verification of the username. If everything goes well, you'll see this when you connect: -Welcome- psyBNC2.2.1

Now you need to get connected to irc: first, you need to select your vhost. To see what vhosts are available, type "vhosts" at your shell prompt. For security reasons, there is no way to view the vhosts in psy. After your vhost is selected, you'll need to add in some irc servers, and set a few other options. the commands follow below. All commands appear in RED, everything else after it is an explanation. All brackets are for my purposes, don't use brackets in any command!

/vhost [vhost] -- [vhost] is your vhost in alpha form (ie, this.is.a.cool.vhost.com and NOT 127.0.0.1)
/addserver [server] :[port] -- server can be in alpha or numeric form...

Once you add in the server, psy will auto-connect to it in a short while. You can add in more servers so that if one goes down, psy can reconnect to a different one. Just use the command above again. For server managment:

/listservers -- lists all the servers you have added
/delserver [n] -- deletes the server with #[n] (as shown by the listservers command)
/jump -- disconnects you from your current server and attempts to connect to the next server in your list
/bquit -- disconnects you from the server until you force it to connect
/bconnect -- connects you to irc

Now, remember that psy will keep you connected to irc even when you're not connected to the bnc. So, these commands are helpful:

/setaway [message] -- psy will display this message to all channels you're on when you quit the bnc. It will NOT repeat this message (since that's gay). To remove the message, just type /setaway
/setawaynick [nick] -- when you quit the bnc, psy will auto-change your nick to the nick you set here. When you reconnect, it'll auto change it back to what's shown in the mirc nick.

OK, now for some more commands that ppl find useful. Remember that ALL commands are in the README file that came with psybnc. I'm not going to repeat all of them.

/playprivatelog -- plays the log of all messages sent to you when you were disconnected from the bnc. The log will be opened in a window called -psyBNC.
/eraseprivatelog -- erases the aforementioned log.

---

psy has a damn cool feature in that it allows encryption. You can encrypt text sent to a channel or a person. Each person needs to have the same key to view the text. This is helpful if you're paranoid, or if you want to have a private conversation in a public channel. (Why you wouldn't just pm is beyond me ;) It also makes you look l33t lol.

/encrypt [password] :[channel/person] -- make sure everyone you want to speak with has the same key. And they need to be using psybnc as well. duh.
/listencrypt -- lists your current encryptions
/delencrypt [n] -- deletes encryption #[n] as shown by the listencryption command.

---

User management

Obviously, if you have your bnc compiled as singleuser, this section is pointless for you. But for everyone else, I'm sure you want to add in other users, delete them, etc... Here's the commands to do it:

/adduser [user] :[real name] -- the [user] is what the person will have to set their ident to. The [real name] part is what ppl will see when doing a /whois. for example: /adduser jestrix :me love you long time --> shows this in the first line of a whois --> jestrix is ident@vhost * me love you long time.
/deluser [user] -- deletes the user.
/password [new pass] -- changes your password. If you're an admin, you can change other ppl's passwords: /password [user] :[pass]
/madmin [user] -- makes a user into an admin (choose your admins carefully!)
/unadmin [user] -- removes admin rights from a user.
/bwho --- see who is added to your bouncer. Also shows if they're connected, what server they're connected to, and what their IP is.

I recommend you secure your bnc even more by restricting what IPs can connect to it:
/addallow [IP or mask] --- lets whatever IP or mask you specify connect to the bnc. IPs can be definite, ie. 12.12.12.34 or masked, 12.12.12.*. You can also use hostnames and masks such as *.myisp.com.
/listallow --- lists the allowed connections.
/delallow [n] --- deletes allow #n as shown by listallow.

DCC stuff

This section assumes that you compiled your bnc with DCCFILE and DCCCHAT. If you did not, then you can do all your dcc stuff as you normally would in mirc, but remember that your real IP will be revealed by doing this. Like I sated before, the benefit to psy is that it hides your IP during DCC sessions, but in order to do this, your life gets a bit harder. First, let's go over the basic DCC commands:

/dccchat [user] --- opens a dcc chat session with the user you specify.
/dccsend [file] :[user] --- sends a file to the person you specify. The file MUST be in ~/psybnc/downloads/USERx (where USERx is your user #. Not sure what your user # is? do a /bwho
/dccanswer [user] --- if someone sends you a dcc chat request, psy will inform you through a notice. You must then type this to accept the request.
/dccget [file] :[user] --- gets a file that was dcc'd to you by someone. This file will be stored in the ~/psybnc/downloads/USERx directory.
/dccsendme [file] --- tells psy to send you the file you specify. Use this after you get a file from another user and then want to get it from your shell. This is the only way people without shell access can get their files.
/listdcc --- lists all dcc's
/dcccancel [n] --- cancels dcc # n as shown by /listdcc

Now for the cool stuff :) my favorite feature of psy is it's ability to stay permanently connected to a bot through a DCC, and to ask this bot for ops. As anyone who has experience with running a botnet knows, one of the easiest ways for a channel to be taken over is to have some idiot /msg [bot] OP [password], when the bot's nick was taken by someone else. With psy, however, the askop request can be done two ways: through the partyline when a DCC is initiated, or through a msg that first checks the mask of the person being sent the request. Sweet, eh? So, the commands to do it:

/adddcc [botname] [username] [password] :[host]:[port] --- The botname is obviously the name of the bot, The username and password are your personal l/p that you use to gain access to the bot's partyline. The host is the host of the bot. It can be either the alpha-form, or the actual IP address. I prefer the actual IP address, since it's possible DNS can be down. And finally, the port is the port that the bot listens on for user connections. Some bots listen for other bots on one port and for users on another, so make sure you get the right one :)
/listdcc --- lists all dcc's
/deldcc [n] --- deletes dcc # n as shown by /listdcc

Now, for the askops part: This part assumes you added in a DCC to the bot as shown above. If you don't have partyline access, you can still add an askop, but I'll get to that later.

/addask [#chan] [password] :-[botname] --- The chan is the channel you want to get ops on, the password is your password, and the bot's nick, preceded with a :-, is the bot which you have a dcc enabled to.
/listask --- lists all the askops you have
/delask [n] --- deletes askop # n as shown by /listask

Now, if you don't have partyline access, you can add the askop in this way:

/addask [#chan] [password] :[bothost] --- where chan is the channel you want to be opped on, your password is your password (duh), and the bothost is the bot's hostmask. A mostmask, for the uninformed, is formed like this: username!ident@host. Since a bot is set to use a different nick if someone takes their default, set the host for something like: *!mybot@damn.cool.vhost.com.

Multiple Networks

One of my other favorite things about psyBNC :) Do you have a bunch of channels you hang in on efnet, but also one or two channels on dalnet that you like to go to? If you're like me, you do...but you alo hate having multiple mirc sessions open. Fret no more! psyBNC can solve your problems by allowing you to connect to more than one network with the same mirc client. For this section I'll assume that you're familiar with most of the commands in psy. If not, get familiar with them before you try to do this. Ok, let's get into the commands.

The first thing you need to do is add in another network:
/addnetwork [name] --- adds in a network with the name you specify. Keep in mind that network names are case-sensitive. Furthermore, you'll be typing the name a lot, so if you're adding in dalnet, use the name "dal" or "dn" or something similar.

Once you have the network added, you need to choose your vhost for that network. If you don't choose one, it'll default to the IP the bnc is on, usually something gay like "my-shell-company.com". So:
/vhost [network]~[vhost] --- sets your vhost on the network you specify.

See this command? This is the format for ALL commands used on multiple networks. Simply prefix the syntax of the command with [network]. So, to give some other examples:

/addserver dn~irc.dal.net:6667 --- adds in the server irc.dal.net with port 6667 to the "dn" network.
/join dn~#fxp --- joins #fxp on network dn. (btw, I hear that some freaky ppl hang in this particular channel ;)
/msg dn~joeschmoe beeyatch --- sends the message "beeyatch" to user with the nick joeschmoe on network dn.

Now, some weird things about multiple networks:
1. Your nick in the nicklists for channels on other networks will show the nick you're using on your primary network. So, even if you do: /nick dn~TwatMuffin, even though other ppl will now see you as TwatMuffin in their list, you'll see yourself as jestrix, or whatever nick you use.

2. If you get opped/voiced in a channel, you won't see it in the nicklist. You'll just appear to be a regular schmoe.

3. Let's say JoeSmith is in #chat on efnet, your primary network. You head over to dalnet, and he's there in #fxp. Everyone else in #fxp will look like dn~BobJones, but JoeSmith will be just JoeSmith. If you try to msg him by dbl-clicking on his nick int he dalnet channel, you'll really be sending a msg to him on efnet. You have to use dn~JoeSmith to talk with him on dalnet.

Some final things. Maybe you don't always want to be on more than one network. I prefer to always be on efnet, and then head to my other networks when I want to talk with ppl there. So:
/bconnect [network]~ --- connects you to the network you specify (assuming you have servers added for that network)
/bquit [network]~ --- quits you from that network. You'll still be connected to your primary network. Note, if you do /bquit, you'll be quitted from ALL your networks.

OK, multiple networks also includes the psy "internal network". Think of it as an ircd inside your bnc. By using the network name "int" you can create private channels that only ppl connected to your bnc can access. For example, /join int~#partyline will have you join the internal channel #partyline. You can set modes/ops/topic in the internal channels just like you would on a normal channel. do a whois on someone in an internal channel, it looks neat ;) You can also privately msg other people connected to your bnc: /msg $[nick]. Prefix it with a $ and psy will send it directly to the person on the bnc; it will not pass through the irc server.

Linking

A cool aspect of psy is the ability form a psy-net through the linkage of multiple psybncs. The benefit of this is to create a private internal network secure from snooping, and secure from takeovers! Furthermore, you can let ppl on other bouncers use your machine's vhosts if you wish.

So, to create a link to another bouncer:
/linkto [name of other bnc] :[IP]:[port]

The other bouncer would have to do the following:
/linkfrom [name of other bnc] :[IP]:[port]

To view all your links:
/listlinks

I love to have everything encrypted, including my links. To create an encrypted link:
/setlinkkey [link #] :[password]
After doing this on both psy's, do:
/relink [link #] on either bouncer to reset

To enable the sharing of vhosts:
/relaylink [name of other bnc] :n --- where n=0 to disable vhost sharing; 1 to enable it.

Final note: If you use hostmasks to restrict connections to your bnc, you must add the other bnc's IP as an allowed host!!

Appendix

For one reason or another, you might want to edit your psybnc.conf (especially if menuconfig doesn't work for you). So, here are the applicable lines and what they mean. I'm sure I've missed a few lines, so if you find anything and know what it does, please email me. Note that ALL the variables in psybnc.conf are capitalized and that there are no spaces on either side of the =.

Variables are shown in orange.

###SYSTEM SETTINGS###
PSYBNC.SYSTEM.PORT1= The port your bnc is going to listen on. use a PORTx variable if you want multiple ports.
PSYBNC.SYSTEM.ME= The name of your bouncer.
PSYBNC.SYSTEM.HOST1= The IP your bnc is going to listen on. Use HOSTx for multiple hosts.
PSYBNC.SYSTEM.DCCHOST= The IP that will be used for DCC sessions.
PSYBNC.HOSTALLOWS.ENTRY0= The first IP that will be allowed to connect to your bouncer. Use *;* for everyone. This can include masks. The first * indicates the IP, not sure what the * after the ; denotes... can't find anything anywhere about it.

###USER SETTINGS###
(note that USER1 can be substituted for USERx)
USER1.USER.LOGIN= The login name for the user (ident)
USER1.USER.NICK= The nick the user will use on irc.
USER1.USER.USER= The 'real name' of the user (what appears in the whois)
USER1.USER.PASS= The password of the user (this will be shown in encrypted form; if you change the password in psybnc, then restart it, the password will become encrypted.)
USER1.USER.RIGHTS= 0-not an admin; 1-an admin
USER1.USER.ACOLLIDE= 0-disable anti-collide; 1-enable anti-collide
USER1.USER.SYSMSG= 0-Do not show system messages to the user; 1-Show them
USER1.USER.VHOST= The user's vhost
USER1.USER.AWAYNICK= The user's away nick
USER1.USER.AWAY= The user's away msg
USER3.USER.LEAVEMSG= The message shown when you disconnect from the bnc
USER1.USER.VLINK= (0/1) Not sure what this does (default =0)
USER1.USER.PPORT= (0/1) Not sure what this does (default =0)
USER1.USER.PARENT= (0/1) Not sure what this does (default =0)
USER1.USER.QUITTED= 0-User is connected to irc; 1-User is quitted
USER1.USER.DCCENABLED= 0-dcc is diabled; 1-dcc is enabled.
USER1.USER.AIDLE= 0-anti-idle is disabled; 1-it's enabled.
USER1.USER.LEAVEQUIT= 0-when the user disconnects from teh bnc, they stay on all their channels; 1-when they quit, they leave all the channels, but still stay connected to irc.
USER1.USER.AUTOREJOIN= 0-if you get kicked when not on the bnc, psy will not rejoin the channel; 1-psy sill rejoin the channel for you if you get kicked.
USER1.USER.LASTLOG= (0/1) Not sure what this does (default =0)
USER1.SERVERS.SERVER1= The first server of the user.
USER1.SERVERS.PORT1= The port for server number 1.
USER1.CHANNELS.ENTRY0= The first channel the user wants to sit on.
USER1.CHANNELS.KEY0= The key for the first channel. (This is NOT encrypted)
USER1.INTCHANS.ENTRY0= An internal channel the user wants to sit on.
USER1.AOP.ENTRY1=Entry for someone to get ops from your client int he form of hostmask;password. (not covered in this tutorial)

###LINKAGE STUFF###
LINKS.LINK1.PORT= Port for link 1
LINKS.LINK1.NAME= name of the otehr bnc
LINKS.LINK1.IAM= name of the other bnc (redundant?)
LINKS.LINK1.HOST= IP of the link
LINKS.LINK1.PASS= Password for the link (used only by the bncs)
LINKS.LINK1.ALLOWRELAY= 0-Do not share vhosts; 1-Allow the sharing of vhosts
LINKS.LINK1.CRKEY= Key set by negotiation between the bncs
LINKS.LINK1.TYPE= 0-Your bouncer links to theirs; 1-Their bouncer links to yours.

###DCC AND ASKOP STUFF###
(note: I don't recommend editing any of these variables through psybnc.onf -> use the commands in mirc.
USER1.DCC.ENTRY0= Stuff pertaining to DCC #0
USER1.ASK.ENTRY0= Stuff pertaining to AskOp #0

Setting Crontab

The basic form for a crontab entry is (to the best of my knowledge):
<minute> <hour> <day> <week> <month> <process to run>
So, if you like to check every 10min, it would be:
0,10,20,30,40,50 * * * * <process to run>

Included with psybnc is psybncchk. Open this file and change the line that reads PSYBNCPATH=/set/path/here. Set it to your psybnc directory of course. Make sure it has execute perms (chmod 700 psybncchk)!

Then add the following to your crontab (use crontab -e to edit your crontab): (this example is for a check every 10 minutes:
0,10,20,30,40,50 * * * * /l33t/shell/psybnc/psybncchk >/dev/null 2>&1

The >/dev/null 2>&1 part tells crontab not to send you an e-mail whenever it restarts psybnc. Omit that part if you like e-mail.


This document was written by jestrix

 

Return to Shells and VPS homepage.