The CService ZNC module provides secure login functionality for X on UnderNet, including support for 2FA/TOTP authentication and LoC (Login on Connect). It allows users to configure login details, enable/disable 2FA, and specify user modes. Sensitive data, such as passwords and 2FA secrets, are encrypted using AES-256-CBC encryption (v2.0+ upgrade) for enhanced security.
- Secure Login: Authenticate securely with UnderNet using your username, password, and optional TOTP-based 2FA.
- 2FA/TOTP Support: Enhance security by adding time-based one-time passwords to your login process.
- LoC (Login on Connect): Seamlessly log in to UnderNet using their LoC feature. Learn more: UnderNet LoC.
- Custom User Modes: Set your preferred user mode prefix (
-x!,+x!, or-!+x) during server connection. - Encrypted Credentials: Protect your password and 2FA secret with AES-256-CBC encryption (v2.0+ upgrade), ensuring sensitive data is stored securely.
- Clear Configuration: Delete all stored credentials and settings with the
clearconfigcommand.
-
Clone the repository: git clone https://github.com/CryptoSiD/cservice-znc-module.git cd cservice-znc-module
-
Generate your 64-character hex
MASTER_KEY_HEX(v2.0+ requirement): openssl rand -hex 32 # Generates 64-character key Replace the placeholder in the module code: const std::string MASTER_KEY_HEX = "REPLACE_WITH_YOUR_64_CHAR_HEX"; -
Build the module: znc-buildmod cservice.cpp
-
Place the compiled module in your ZNC modules directory: mv cservice.so ~/.znc/modules/
-
Load the module in ZNC: /znc loadmod cservice
After loading the module, run the following command for help and configuration options: /msg *cservice help
-
setusername <username>
Set your UnderNet username.
Example:/msg *cservice setusername myusername -
setpassword <password>
Set your UnderNet password (stored encrypted).
Example:/msg *cservice setpassword mypassword -
setsecret <secret>
Set your 2FA/TOTP secret key (stored encrypted). Ensure the secret is formatted correctly (uppercase with no spaces).
Example:/msg *cservice setsecret A1B2C3D4E5F6G7H8 -
2fa on|off
Enable or disable 2FA/TOTP authentication.
Example:/msg *cservice 2fa on
Example:/msg *cservice 2fa off -
setusermode <mode>
Define the user mode prefix (-x!,+x!, or-!+x) used by LoC during server connection.
Example:/msg *cservice setusermode +x! -
showconfig
Show the current configuration settings (username, 2FA status, user mode, etc.).
Example:/msg *cservice showconfig -
clearconfig
Delete all stored configuration data (username, password, 2FA secret, etc.).
Example:/msg *cservice clearconfig
The CService website provides the 2FA secret key in eight groups separated by spaces, like this: a1b2 c3d4 e5f6 g7h8 i9j0 k1l2 m3n4 o5p6 Before entering the key into the module, you must:
- Remove all spaces.
- Convert all lowercase letters to uppercase.
For example, if CService gives you a1b2 c3d4 e5f6 g7h8 i9j0 k1l2 m3n4 o5p6, you should enter it as:
A1B2C3D4E5F6G7H8I9J0K1L2M3N4O5P6
This ensures compatibility with the module.
You can use the following Linux command to reformat the key automatically: echo "a1b2 c3d4 e5f6 g7h8 i9j0 k1l2 m3n4 o5p6" | tr -d ' ' | tr '[:lower:]' '[:upper:]'
This module encrypts sensitive data using AES-256-CBC encryption (v2.0+). Each user must generate their own 64-character hex key and update the module code before building it.
To generate a valid v2.0+ key: openssl rand -hex 32 # 64-character output
Replace the placeholder in the code: const std::string MASTER_KEY_HEX = "REPLACE_WITH_YOUR_64_CHAR_HEX";
-
Version 2.0 Upgrade: Existing configurations are incompatible. You must:
- Run
/msg *cservice clearconfig - Re-enter all credentials with the new encryption system
- Run
-
Security Warning: Keep
MASTER_KEY_HEXprivate. Changing it requires full reconfiguration. -
To apply changes:
- /znc unloadmod cservice
- /znc loadmod cservice
Enjoy secure and seamless logins with the CService ZNC module!