1 Frequently Asked Questions
5 1.2 When was SILC Project started?
6 1.3 Why SILC in the first place?
7 1.4 What license covers the SILC release?
8 1.5 Why SILC? Why not IRC3?
9 1.6 What platforms SILC supports?
10 1.7 How do you pronounce SILC?
11 1.8 Where can I find more information?
12 1.9 I would like to help out, what can I do?
15 2.1 What is the status of SILC protocol in the IETF?
16 2.2 How much the SILC protocol is based on IRC?
17 2.3 Why use SILC? Why not IRC with SSL?
18 2.4 Can I talk from SILC network to IRC network?
19 2.5 Does SILC support file transfer?
20 2.6 Does SILC support DCC or alike?
21 2.7 I am behind a firewall, can I use SILC?
22 2.8 How secure SILC really is?
23 2.9 Does SILC support instant messaging?
24 2.10 Why SILC does not have LINKS command like in IRC?
25 2.11 Why SILC does not have STATS command like in IRC?
26 2.12 Is anyone outside a channel able to see the channel
28 2.13 Is it true that all messages are encrypted in SILC?
29 2.14 Can server or SILC operator gain operator mode on a channel?
30 2.15 I have suggestions to SILC Protocol, what can I do?
33 3.1 Where can I find SILC clients?
34 3.2 Can I use SILC with IRC client and vice versa?
35 3.3 The default theme sucks, where can I find a better one?
36 3.4 How do I send a private message?
37 3.5 How do I negotiate secret key with another user?
38 3.6 How do I negotiate secret keys behind a NAT?
39 3.7 How do I change channel modes?
40 3.8 What does the founder mode on channel mean, and how do I set
42 3.9 I am founder of invite only channel, how can I join the
43 channel after I have left it?
44 3.10 How can I op or deop somebody on channel?
45 3.11 How do I set private key for channel, and what does that
47 3.12 How do I transfer a file?
48 3.13 How can I get other users public keys?
49 3.14 How can I see the fingerprint of my public key?
50 3.15 I gave WHOIS to a nick, and it returned multiple replies,
52 3.16 Is there a command to see all linked servers?
53 3.17 How do I list the users of a channel?
54 3.18 What is the difference between OPER and SILCOPER commands?
57 4.1 Where can I find SILC servers?
58 4.2 Can I run my own SILC server?
59 4.3 What is the difference between SILC server and SILC router?
60 4.4 Why server says permission denied to write to a log file?
61 4.5 When I connect to to my server, it says "server does not
62 support one of your proposed cipher", what is wrong?
63 4.6 Why SILC server runs on privileged port 706?
64 4.7 I see [Unknown] in the log file, what does it mean?
67 5.1 What is SILC Toolkit?
68 5.2 Is the SILC Toolkit Reference Manual Available?
69 5.3 How do I compile the Toolkit on Unix?
70 5.4 How do I compile the Toolkit on Win32?
71 5.5 Does the Toolkit package include any sample code?
76 A: SILC (Secure Internet Live Conferencing) is a protocol which
77 provides secure conferencing services in the Internet over insecure
78 channel. SILC is IRC like although internally they are very different.
79 Biggest similarity between SILC and IRC is that they both provide
80 conferencing services and that SILC has almost same commands as IRC.
81 Other than that they are nothing alike.
83 Biggest differences are that SILC is secure what IRC is not in any
84 way. The network model is also entirely different compared to IRC.
86 Q: When was SILC Project started?
87 A: The SILC development started in 1996 and early 1997. But, for
88 various reasons it suspended many times until it finally got some wind
89 under its wings in 1999. First public release was in summer 2000.
91 Q: Why SILC in the first place?
92 A: Simply for fun, nothing more. And actually for need back in the
93 days when it was started. When SILC was first developed there really
94 did not exist anything like this. SILC has been very interesting and
97 Q: What license covers the SILC release?
98 A: The SILC software developed here at silcnet.org, the SILC Client,
99 the SILC Server and the SILC Toolkit are covered by the GNU General
102 Q: Why SILC? Why not IRC3?
103 A: Question that is justified no doubt of that. SILC was not started
104 to become a replacement for IRC. SILC was something that didn't exist
105 in 1996 or even today except that SILC is now released. However, I did
106 check out the IRC3 project in 1997 when I started coding and planning
109 But, IRC3 is problematic. Why? Because it still doesn't exist. The
110 project is almost at the same spot where it was in 1997 when I checked
111 it out. And it was old project back then as well. That's the problem
112 of IRC3 project. The same almost happened to SILC as well as I wasn't
113 making real progress over the years. I talked to the original author
114 of IRC, Jarkko Oikarinen, in 1997 and he directed me to the IRC3
115 project, although he said that IRC3 is a lot of talking and not that
116 much of anything else. I am not trying to put down the IRC3 project
117 but its problem is that no one in the project is able to make a
118 decision what is the best way to go about making the IRC3 and I wasn't
119 going to be part of that. The fact is that if I would've gone to IRC3
120 project, nor IRC3 or SILC would exist today. I think IRC3 could be
121 something really great if they just would get their act together and
122 start coding the thing.
124 Q: What platforms SILC supports?
125 A: The SILC Client is available on various Unix systems and is
126 reported to work under cygwin on Windows. The SILC Server also works
127 on various Unix systems. However, the server has not been tested under
128 cygwin as far as we know. The SILC Toolkit is distributed for all
129 platforms, Unix, Cygwin and native Windows.
131 Q: How do you pronounce SILC?
132 A: SILC is usually pronounced as `silk', but you are free to pronounce
135 Q: Where can I find more information?
136 A: For more technical information we suggest reading the SILC Protocol
137 specifications. You might also want to take a look at the
138 documentation page on the web page.
140 Q: I would like to help out, what can I do?
141 A: You might want to take a look at the Contributing page and the TODO
142 list. You might also want to join the SILC development mailing list.
144 2. Protocol Questions
146 Q: What is the status of SILC protocol in the IETF?
147 A: The SILC protocol specifications has been submitted currently as
148 individual submissions. There does not currently exist a working group
149 for this sort of project. Our goal is to fully standardize the SILC
150 and thus submit it as RFC to the IETF at a later time. This can happen
151 only after we have requested the IETF to accept SILC as RFC. As of
152 today, we have not yet even requested this from the IETF. We want to
153 let the protocol mature a bit more.
155 Q: How much SILC Protocol is based on IRC?
156 A: SILC is not based on IRC. The client superficially resembles IRC
157 client but everything that happens under the hood is nothing alike
158 IRC. SILC could *never* support IRC because the entire network
159 toppology is different (hopefully more scalable and powerful). So no,
160 SILC protocol (client or server) is not based on IRC. Instead, We've
161 taken good things from IRC and left all the bad things behind and not
162 even tried to burden the SILC with the IRCs problems that will burden
163 IRC and future IRC projects till the end. SILC client resembles IRC
164 client because it is easier for new users to start using SILC when
165 they already know all the commands.
167 Q: Why use SILC? Why not IRC with SSL?
168 A: Sure, that is possible, although, does that secure the entire IRC
169 network? And does that increase or decrease the lags and splits in the
170 IRC network? Does that provide user based security where some specific
171 private message are secured? Does that provide security where some
172 specific channel messages are secured? And I know, you can answer yes
173 to some of these questions. But, security is not just about applying
174 encryption to traffic and SILC is not just about `encrypting the
175 traffic`. You cannot make insecure protocol suddenly secure just by
176 encrypting the traffic. SILC is not meant to be IRC replacement. IRC
177 is good for some things, SILC is good for same and some other things.
179 Q: Can I talk from SILC network to IRC network?
180 A: Simple answer for this is No. The protocols are not compatible
181 which makes it impossible to directly talk from SILC network to IRC
182 network or vice versa. Developing a gateway between these two networks
183 would technically be possible but from security point of view strongly
184 not recommended. We have no plans for developing such a gateway.
186 Q: Does SILC support file transfer?
187 A: Yes. The SILC protocol support SFTP as mandatory file transfer
188 protocol. It provides simple client to client file transfer, but also
189 a possibility for file and directory manipulation. Even though the
190 SFTP is the file transfer protocol the support for file transferring
191 has been done so that practically any file transfer protocol may be
192 used with SILC protocol.
194 Q: Does SILC support DCC or alike?
195 A: SILC does not support the DCC commonly used in IRC. It does not
196 need it since it has builtin support for same features that DCC have.
197 You can transfer files securely and encrypted directly with another
198 client. You can also negotiate secret key material with another client
199 directly to use it in private message encryption. The private messages
200 are not, however sent directly between clients. The protocol, on the
201 hand does not prohibit sending messages directly between clients if
202 the implementation would support it. The current SILC Client
203 implementation does not support it. This means that private messages
204 travel through the SILC Network. SILC protocol also has a capability
205 to support DCC and CTCP like protocols with SILC. None of them,
206 however have not been defined to be used with SILC at the present
209 Q: I am behind a firewall, can I use SILC?
210 A: Yes. If your network administrator can open the remote port 706
211 (TCP) you can use SILC without problems. You may also compile your
212 SILC client with SOCKS support which will proxy your SILC session
213 through the firewall.
215 Q: How secure SILC really is?
216 A: We have tried to make SILC as secure as possible. However, there is
217 no security protocol or security software that has not been vulnerable
218 to some sort of attacks. SILC is in no means different from this. So,
219 it is suspected that there are security holes in the SILC. These holes
220 just need to be found so that they can be fixed. SILC's security
221 features has been developed from attacker's point of view, and we've
222 tried to find all the possible attacks and guard the protocol against
225 But to give you some parameters of security SILC uses the most secure
226 crytographic algorithms such as AES (Rijndael), Twofish, Blowfish,
227 RC5, etc. SILC does not have DES or 3DES as DES is insecure and 3DES
228 is just too slow. SILC also uses cryptographically strong random
229 number generator when it needs random numbers. Public key cryptography
230 uses RSA (PKCS #1) and Diffie-Hellman algorithms. Key lengths for
231 ciphers are initially set to 256. For public key algorithms the
232 starting key length is 1024 bits.
234 But the best answer for this question is that SILC is as secure as its
235 weakest link. SILC is open and the protocol is open and in public thus
236 open for security analysis.
238 To give a list of attacks that are ineffective against SILC:
240 - Man-in-the-middle attacks are ineffective if proper public key
241 infrastructure is used, and if all public keys are always verified.
242 - IP spoofing is ineffective (because of encryption and trusted keys).
243 - Attacks that change the contents of the data or add extra data to
244 the packets are ineffective (because of encryption and integrity
246 - Passive attacks (listenning network traffic) are ineffective
247 (because of encryption). Everything is encrypted including
248 authentication data such as passwords when they are needed.
249 - Any sort of cryptanalytic attacks are tried to make ineffective by
250 using the best cryptographic algorithms out there, and by designing
251 the protocol to guard against them.
253 Q: Does SILC support instant messaging?
254 A: SILC is not an instant message (IM) system, like ICQ and the
255 others. SILC is more IRC like system, "real-time", connection-oriented
256 chat and that kind of stuff. But I guess IRC is too sometimes called
257 an Instant Messaging system.
259 Q: Why SILC does not have LINKS command like in IRC?
260 A: It was felt that this information as an own command in SILC is not
261 necessary. Moreover, the topology of the network might be undisclosed
262 information even though the servers and routers in the network are
263 still open. We feel that the network topology information, if it is
264 wanted to be public, and the list of accessible servers can be made
265 available in other ways than providing command like LINKS, which shows
266 the active server links in IRC.
268 Q: Why SILC does not have STATS command like in IRC?
269 A: This too was considered as information that the protocol should not
270 address. We feel that server implementations will need to implement
271 some sort of adminstrative plugin, or module which provides various
272 means of accessing statistical and other information in the server.
273 And, we do consider this implementation issue, not protocol design
276 Q: Is anyone outside a channel able to see the channel messages?
277 A: A short answer is simply No. A longer answer involves assumptions
278 about security conditions. Initially channel keys are generated by the
279 server, so if the server would get compromised it would be possible
280 for an adversary to see the messages. However, users on the channel
281 can prevent this even if the server would be compromised. It is
282 possible to set so called channel private key that only the users on
283 the channel know about. The servers does not know about the key, and
284 therefore cannot see the messages even if they would be compromised.
285 So, longer answer results into same as the short one; No.
287 Q: Is it true that all messages are encrypted in SILC?
288 A: Most definitely yes. The SILC protocol makes it impossible to send
289 unencrypted messages or packets to the SILC network. All messages are
290 always encrypted, either using session keys, or other secret keys such
291 as channel keys or private message keys.
293 Q: Can server or SILC operator gain operator mode on a channel?
294 A: They cannot get operator status, founder status, join invite only
295 channels, escape active bans, escape user limits or anything alike,
296 without explicitly being allowed. Only way to get channel operator
297 status is that someone ops him. Server and SILC operators in the
298 network are normal users with the extra privileges of being able to
299 adminstrate their server. They cannot do anything more than a normal
302 Q: I have suggestions to SILC Protocol, what can I do?
303 A: All suggestions and improvements are of course welcome. You should
304 read the protocol specifications first to check out whether your idea
305 is covered by them already. The best place to make your idea public is
306 the SILC development mailing list. You might want to checkout the TODO
307 list from the CVS as well.
311 Q: Where can I find SILC clients?
312 A: The SILC client is available for free download from the silcnet.org
313 web page. Some people have also mentioned words Java and Perl when
314 talking about SILC clients. Nothing has appeared yet, though.
316 Q: Can I use SILC with IRC client and vice versa?
317 A: Generally the answer would be no for both. However, there exist
318 already at least one IRC client that supports SILC, the Irssi client.
319 The current SILC client is actually based on the user interface of the
320 Irssi client. So, yes it is possible to use SILC with some IRC clients
321 and vice versa. But, this does not mean that you can talk from SILC
322 network to IRC network, that is not possible.
324 Q: The default theme sucks, where can I find a better one?
325 A: The Irssi SILC client's theme files are almost 100% compatible with
326 the original Irssi IRC client's themes. You can get those theme files
327 from the Irssi project website. You can also try to make a better
330 Q: How do I send a private message?
331 A: Sending private message is done by using the MSG command. For
332 example, command: /MSG john hello, will send a `hello' message to a
333 nickname `john'. By default private messages are secured with session
334 keys, and the message is re-encrypted by the servers when the message
335 travels to the receiver. If you would like to secure the private
336 messages with a private key, you can negotiate a secret key with the
337 receiver. Always remember to give WHOIS command before sending a
338 private message to assure that you are sending the message to correct
341 Q: How do I negotiate secret key with another user?
342 A: It is important to negotiate secret keys if you cannot trust the
343 servers and the network you are using. By negotiating a key with the
344 user you want to talk to assures that no one except you and your
345 friend is able to encrypt and decrypt the messages. The secret key
346 negotiation is done with the KEY command. Here is an example of how to
347 negotiate keys for securing private messages.
349 By giving command: /KEY MSG john agreement 192.168.2.100, you will
350 send a key negotiation request to a nickname `john'. The 192.168.2.100
351 IP address would be your machine's IP address. You can also define an
352 port to the KEY command after the IP address. If you do not do that
353 the operating system will bind to a port of its choosing. John will
354 receive a notification on the screen that you would like to negotiate
355 secret keys with him, and he will receive the IP address and port
356 where you are listenning for the negotiation. When he gives command:
357 /KEY MSG You negotiate 192.168.2.100 31382, the key negotiation is
358 started. During the key negotiation you will be prompted on the screen
359 to verify and accept John's public key if you do not have his public
360 key already. The John will be prompted to accept your public key as
361 well. After the key negotiation is over all private messages sent
362 between you and John are secured with the negotiated secret key. Note
363 that you must verify the public key you are prompted for, and this is
364 very important since someone could be doing man-in-the-middle attack.
366 Q: How do I negotiate secret keys behind a NAT?
367 A: If only you are behind a NAT, or firewall then key negotiation
368 works, but if both you and your friend are behind a NAT then key
369 negotiation will not work, since it is done peer to peer. If you are
370 behind a NAT then you obviously cannot receive key negotiations, and
371 cannot bind to any IP address and port. However, you can still use KEY
372 command to negotiate the keys.
374 By giving command: /KEY MSG john agreement, without any other
375 arguments (such as IP address and port) you will send a negotiation
376 request to John, but do not provide an address and port for the John
377 to connect to. When John receives the notification on the screen that
378 you would like to perform key negotiation, he can give command: /KEY
379 MSG You agreement 172.16.100.78, which will send key negotiation
380 request back to you. You will receive the IP address and port where
381 you need to connect in order to perform the negotiation. After
382 receiving the notification you can give command: /KEY MSG john
383 negotiate 172.16.100.78 31181, which will start the key negotiation
384 with John. This way you can negotiate the keys if you are behind a
387 Q: How do I change channel modes?
388 A: The command to manage channel modes is CMODE. With this command you
389 can change the channel status (to change it to secret channel for
390 example), set user limit on the channel, passphrase for the channel,
391 set the channel to use private keys on channel, and set the founder
394 Q: What does the founder mode on channel mean, and how do I set it?
395 A: Who ever creates the channel by being the first user to join the
396 channel becomes automatically the founder of the channel. Founder has
397 some extra privileges on the channel. For example, it is not possible
398 to kick the founder off the channel, and there are some channel modes
399 that only the founder of the channel can change. If the creator of the
400 channel wishes to preserve the channel founder mode even if he leave
401 the channel he can set the founder mode for the channel.
403 The mode is set by giving command: /CMODE #channel +f -pubkey. This
404 will set the founder mode and will use the public key of the founder
405 as authenticator when the user is reclaiming the mode back. If the
406 founder leaves the channel he will be able to get the founder mode
407 back by using JOIN or CUMODE commmands. Giving command /JOIN #channel
408 -founder -pubkey, will get the founder mode back at the same time he
409 joins the channel, or giving commmand /CUMODE #channel +f -pubkey,
410 will also give the founder mode back on the channel after he has
413 If the channel is destroyed after the last client leaves the channel,
414 the founder mode is also reset. Who ever creates the channel after
415 that will also get the channel founder mode automatically. Note also
416 that the founder mode is local. You can reclaim the mode back only on
417 the same server where you set the founder mode in the first place.
419 Q: I am founder of invite only channel, how can I join the channel
420 after I have left it?
421 A: Founder can override the invite only status by reclaiming the
422 founder status on the channel using the JOIN command. The channel must
423 have the founder mode set in order for it to work. Reclaiming founder
424 status using JOIN command is important also if the channel has user
425 limit set, and has active bans. Founder can override these conditions
426 as well. However, founder cannot override the passphrase of the
427 channel if it is set. To get the founder mode during JOIN and to
428 override the invite only condition, give command: /JOIN #channel
429 -founder -pubkey. This will join the channel and attempt to reclaim
430 the founder status back to you. Note that you need to be on the same
431 server where you gave the founder mode for the channel for this to
434 Q: How can I op or deop somebody on channel?
435 A: Giving operator status, or removing the operator status on a
436 channel requires you to have at least operator status, or founder
437 status on the channel. You can give operator status to another user by
438 using CUMODE command. To give ops give the command: /CUMODE #channel
439 +o john, and to remove ops give command: /CUMODE #channel -o john. To
440 indicate current channel you can also use `*' character in #channel's
443 Q: How do I set private key for channel, and what does that mean
445 A: Setting private key for channel requires first to set the private
446 key mode for the channel. You need to be the founder of the channel to
447 be able to do this. Give the command: /CMODE #channel +k. After this
448 mode is set the old channel key will not be used to encrypt and
449 decrypt channel messages. To set the key for the channel use the KEY
450 command. Every user on the channel must do the same thing and set the
451 same key. If some user on the channel does not set the key (or does
452 not know the key) he won't be able to see any messages on the channel.
453 Give the command: /KEY CHANNEL #channel set verysecretkey. This
454 command will set the `verysecretkey' passphrase as key to the
455 #channel. How exactly other users will know this key is out of scope
456 of the SILC protocol. SILC does not provide yet a possibility of
457 negotiating secret key with many users at the same time. For this
458 reason the secret key on the channel is usually a passphrase or a
459 password that all users on the channel have to know. Setting a private
460 key for channel means that only the users on the channel who know the
461 key is able to encrypt and decrypt messages. Servers do not know the
462 key at all. If you remove the private key mode from the channel, all
463 users will start automatically using a new channel key to secure
466 Q: How do I transfer a file?
467 A: You can transfer files securely using the FILE command. This
468 command will automatically negotiate secret key with the remote user
469 and the file transfer stream is secured using that key. The file
470 transfer stream is always sent peer to peer. If you would like to send
471 a file to another user you can give command: /FILE SEND
472 path/to/the/file john. This command sends, or actually makes the
473 `path/to/the/file' available for download for the user `john'. The
474 John will decide whether he wants to actually download the file. When
475 John gives the command: /FILE RECEIVE, the key negotiation is started.
476 You and John will be prompted to verify and accept each other's public
477 key if you do not have it cached already. After key negotiation is
478 over the file transfer process starts. If you want to cancel the file
479 transfer session, or if John wants to reject the file transfer
480 request, giving the command: /FILE CLOSE will close the session.
482 Q: How can I get other users public keys?
483 A: You can get a user's public key using the GETKEY command. This
484 command will fetch the user's public key from the server where the
485 user has connected to. The server has verified that the user posesses
486 the corresponding private key, however, you will be prompted to verify
487 and accept the public key. All client public keys are saved in your
488 local key directory in ~/.silc/clientkeys/. You can also receive
489 clients public keys during key negotiation and file transfers. The
490 GETKEY command can be used to fetch a server's public key as well.
491 Those keys are saved in ~/.silc/serverkeys/ directory.
493 Q: How can I see the fingerprint of my public key?
494 A: You can check out your own fingerprint by giving just WHOIS command
495 without any arguments. Additionally you can also dump the contents of
496 the key file using the silc program and giving -S option to it. Your
497 own public key is always saved in ~/.silc/public_key.pub file. To dump
498 your key run silc as: silc -S .silc/public_key.pub. The same way you
499 can dump the contents of any public key inside ~/.silc/clientkeys/ and
500 ~/.silc/serverkeys/ directories. The WHOIS command will also show
501 other users public key fingerprints.
503 Q: I gave WHOIS to a nick, and it returned multiple replies, why?
504 A: This will happen if there are several same nicknames in the network
505 at the same time. As you may already know nicknames are not unique in
506 SILC network. This means there can be multiple same nicknames. This
507 also means that you can always have the nickname you want. If WHOIS
508 returns multiple replies, you can distinguish the users by their
509 realname, username, hostname and ultimately by the fingerprint of
510 their public key, which the WHOIS will also show. You will also notice
511 an additional nickname inside a parenthesis. It may show for example:
512 nickname: John (John@otaku). The real nickname is `John', but since
513 there are many John's in the network you can access this one using
514 `John@otaku'. So, if you were to send private message to this
515 particular John you can do it by giving command: /MSG John@otaku
516 hello. This will send `hello' message to the John@otaku.
518 Q: Is there a command to see all linked servers?
519 A: No there is not. For longer answer see also this FAQ.
521 Q: How do I list the users of a channel?
522 A: The command to list all users on a particular channel is USERS. It
523 is also aliased to WHO command in Irssi SILC Client. To see the users
524 of the current channel give the command: /USERS *. You can replace the
525 `*' with the channel name of your choosing. If the channel is private
526 or secret channel, and you have not joined the channel, you cannot
527 list the users of that channel.
529 Q: What is the difference between OPER and SILCOPER commands?
530 A: The OPER command is used to gain server operator privileges on
531 normal SILC server, while SILCOPER is used to gain router operator
532 (also known as SILC operator) privileges on router server. You cannot
533 use SILCOPER command on normal SILC server, it works only on router
538 Q: Where can I find SILC servers?
539 A: The SILC server is available for free download from the silcnet.org
540 web page. We are not aware of any other SILC server implementations,
543 Q: Can I run my own SILC server?
544 A: Yes of course. Download the SILC server package, compile and
545 install it. Be sure to check out the installation instructions and the
546 README file. You also should decide whether you want to run SILC
547 server or SILC router.
549 Q: What is the difference between SILC server and SILC router?
550 A: The topology of the SILC network includes SILC routers and the SILC
551 servers (and SILC clients of course). Normal SILC server does not have
552 direct connections with other SILC servers. They connect directly to
553 the SILC router. SILC Routers may have several server connections and
554 they may connect to several SILC routers. The SILC routers are the
555 servers in the network that know everything about everything. The SILC
556 servers know only local information and query global information from
557 the router when necessary.
559 If you are running SILC server you want to run it as router only if
560 you want to have server connections in it and are prepared to accept
561 server connections. You also need to get the router connected to some
562 other router to be able to join the SILC network. You may run the
563 server as normal SILC server if you do not want to accept other server
564 connections or cannot run it as router.
566 Q: Why server says permission denied to write to a log file?
567 A: The owner of the log files must be same user that the server is run
568 under, by default it is user `nobody'. Just change the permissions and
571 Q: When I connect to my server it says "server does not support one of
572 your proposed ciphers", what is wrong?
573 A: Most likely the ciphers and others has not been compiled as SIMs
574 (modules) and they are configured as modules in the silcd.conf. If
575 they are not compiled as modules remove the module paths from the
576 ciphers and hash functions from the silcd.conf, so that the server use
577 the builtin ciphers. Then try connecting to the server again. It is
578 also possible that the client IS proposing some ciphers that your
579 server does not support.
581 Q: Why SILC server runs on privileged port 706?
582 A: Ports 706/tcp and 706/udp have been assigned for the SILC protocol
583 by IANA. Server on the network listening above privileged ports
584 (>1023) SHOULD NOT be trusted as it could have been set up by
585 untrusted party. The server normally drops root privileges after
586 startup and then run as user previously defined in silcd.conf.
588 Q: I see [Unknown] in the log file, what does it mean?
589 A: You can see in the log file for example: [Info] Closing connection
590 192.168.78.139:3214 [Unknown]. The [Unknown] means that the connection
591 was not authenticated yet, and it is not known whether the connection
592 was a client, server or router. There will appear [Client], [Server]
593 or [Router] if the connection is authenticated at that point.
597 Q: What is SILC Toolkit?
598 A: SILC Toolkit is a package intended for software developers who
599 would like to develope their own SILC based applications or help in
600 the development of the SILC. The Toolkit includes SILC Protocol Core
601 library, SILC Crypto library, SILC Key Exchange (SKE) library, SILC
602 Math library, SILC Modules (SIM) library, SILC Utility library, SILC
603 Client library and few other libraries.
605 Q: Is the SILC Toolkit Reference Manual Available?
606 A: Yes, partially completed reference manual is available in the
607 Toolkit releases as HTML package and they are available from the
608 silcnet.org website as well at the documentation page.
610 Q: How do I compile the Toolkit on Unix?
611 A: You should read the INSTALL file from the package and follow its
612 instructions. The compilation on Unix is as simple as compiling any
613 other SILC package. Give, `./configure' command and then `make'
616 Q: How do I compile the Toolkit on Win32?
617 A: We have prepared instructions to compile the Toolkit on Win32 in
618 the Toolkit package. Please, read the README.WIN32 file from the
619 package for detailed instructions how to compile the Toolkit for
620 Cygwin, MinGW and native Win32 systems. We have also prepared ready
621 MSVC++ Workspace files in the win32/ directory in the package that
622 will compile automatically the Toolkit.
624 Q: Does the Toolkit package include any sample code?
625 A: Yes, naturally. It includes sample codes for two different SILC
626 Client implementations, and SILC Server. The silcer/ directory
627 includes a simple GUI client based on GTK--, and Win32 samples are
628 included in the win32/ directory, for simple client.