202
edits
Difference between revisions of "Securing XMPP"
Jump to navigation
Jump to search
m
no edit summary
(→ejabberd: bug report from Klaus Seistrup) |
Neustradamus (talk | contribs) m |
||
| Line 27: | Line 27: | ||
{s2s_use_starttls, required}. | {s2s_use_starttls, required}. | ||
{s2s_certfile, "/etc/ejabberd/ejabberd.pem"}. | {s2s_certfile, "/etc/ejabberd/ejabberd.pem"}. | ||
Further help: | |||
* Homepage: [http://ejabberd.im/ ejabberd.im] | |||
* Chatroom: [xmpp:ejabberd@conference.jabber.ru?join ejabberd@conference.jabber.ru] | |||
* Documentation: [http://www.process-one.net/docs/ejabberd/guide_en.html ejabberd Installation and Operation Guide] | |||
=== Prosody === | === Prosody === | ||
| Line 34: | Line 39: | ||
Further help: | Further help: | ||
* Homepage: [https://prosody.im/ Prosody IM] | |||
* Chatroom: [https://prosody.im/chat/ prosody@conference.prosody.im] | * Chatroom: [https://prosody.im/chat/ prosody@conference.prosody.im] | ||
* Documentation: [https://prosody.im/doc/security Prosody.IM: Security] | * Documentation: [https://prosody.im/doc/security Prosody.IM: Security] | ||
=== Metronome === | |||
Ensure that ''metronome.cfg.lua'' contains the following settings in the global section of your config, or under the specific <code>VirtualHost</code> you want to secure: | |||
c2s_require_encryption = true | |||
s2s_require_encryption = true | |||
Further help: | |||
* Homepage: [http://www.lightwitch.org/metronome Metronome IM] | |||
* Chatroom: [xmpp:grimoire@muc.metronome.im?join grimoire@muc.metronome.im] | |||
* Documentation: [http://www.lightwitch.org/metronome/documentation lightwitch.org/metronome/documentation] | |||
=== Tigase === | === Tigase === | ||
| Line 49: | Line 65: | ||
In order to have improved security Tigase features [http://www.tigase.org/content/hardened-mode 'hardened mode'] which turns off workaround for SSL issues, turns off SSLv2, forces enabling more secure ciphers suites and also forces requirement of StartTLS. | In order to have improved security Tigase features [http://www.tigase.org/content/hardened-mode 'hardened mode'] which turns off workaround for SSL issues, turns off SSLv2, forces enabling more secure ciphers suites and also forces requirement of StartTLS. | ||
--hardened-mode=true | --hardened-mode=true | ||
Further help: | |||
* Homepage: [http://www.tigase.org/ Tigase.org] | |||
* Documentation: [http://www.tigase.org/admin-guide Admin guide] | |||
=== Openfire === | === Openfire === | ||
| Line 57: | Line 77: | ||
# Check the checkbox marked ''Accept self-signed certificates'' | # Check the checkbox marked ''Accept self-signed certificates'' | ||
# Done! | # Done! | ||
Further help: | |||
* Homepage: [http://igniterealtime.org/projects/openfire/ Openfire] | |||
* Chatroom: [xmpp:open_chat@conference.igniterealtime.org?join open_chat@conference.igniterealtime.org] | |||
* Documentation: [http://igniterealtime.org/projects/openfire/documentation.jsp Openfire documentation] | |||
== Step 3: Check your XMPP Security == | == Step 3: Check your XMPP Security == | ||
[http://xmpp.net/ Test your XMPP security] to be sure. | [http://xmpp.net/ Test your XMPP security] to be sure. | ||