weecrypt is a plugin for the weechat IRC client that encrypts your communication via GPG.
To install it, run these commands in your shell:
git clone https://github.com/shak-mar/weecrypt.git
mkdir -p ~/.weechat/python/autoload/
cd ~/.weechat/python/autoload/
ln -s ~/weecrypt/weecrypt.py weecrypt.pyIf your weechat is already running, you'll have reload your python plugins:
/python reload
Note: This guide assumes you already have a working GPG setup. If you dont't, you'll have to set it up first.
After installing weecrypt there is a little bit of configuration that needs
to be done. The configuration is read from a JSON-encoded file at
~/.weecrypt.json:
{
"gpg_identifiers": {
"irc_nick": "key identifier"
},
"channels": ["#yourchannel"]
}gpg_identifiers is a dict mapping IRC nicknames to GPG key identifiers. A key
identifier is something unique to the key, such as an email, name or ID.
This is necessary because weecrypt needs to know who to encrypt your message for. Conversly, only the people in the dictionary will receive encrypted messages.
Note: It might be a good idea to put variations of the nicknames, such as
nickname1 or nickname_, in there as well, as clients will use those when
reconnecting while having connection troubles.
Only traffic on whitelisted channels and private messages to nicknames in the
gpg_identifiers dict will be encrypted.
This is useful because you won't be able to convince all of your friends to use encryption or you might want to use big public channels.
Unfortunately, because of the way weecrypt is implemented, the logger will
log all communications after they were decrypted, you therefore have to
disable logging at the very least for the channels and users in question.
weechat's logging options can be found under ~/.weechat/logger.conf.
To simply disable all logging, modify the auto_log option:
auto_log = off
To disable loggin for a specific channel or user set its loglevel to zero. For example:
[level]
irc.freenode.#yourchannel = 0
irc.freenode.yourfriend = 0
When you receive a message that is not encrypted in a whitelisted channel, it
will be prefixed with <unencrypted>: . If you want to write an unencrypted
message yourself, you can use the /unencrypted command.
Note: Also, if you write a message that starts with <unencrypted>: , it
will not be encrypted in order to avoid confusion between encrypted and raw
messages.
When you leave your computer running while you aren’t there, messages you
receive won’t be decrypted correctly, because you aren’t there to enter your
passphrase. In that case, the messages will be replaced with Decryption failed, try /weecrypt_retry.. As soon as you use the /weecrypt_retry command, you
will be prompted for your passphrase by the gpg-agent again, and the decrypted
message will be displayed to you in the server buffer.
This is because ASCII armored GPG messages are quite big and IRC commands are
limited in length. Therefore, weecrypt splits the message into smaller chunks
and reassembles them on the other end. In order to avoid flooding, weechat
waits a little between sending out commands. All this makes for a little slower
communication speed, but you'll have to tolerate that in order to chat
securely.
This is free software (as in freedom), using the permissive MIT (Expat) license. This means you can use, read the source code of, change and redistribute weecrypt.