1 Frequently Asked Questions
5 1.2 When was SILC Project started?
6 1.3 Why SILC in the first place?
7 1.4 What license covers the SILC release?
8 1.5 Why SILC? Why not IRC3?
9 1.6 What platforms SILC supports?
10 1.7 How do you pronounce SILC?
11 1.8 Where can I find more information?
12 1.9 I would like to help out, what can I do?
15 2.1 What is the status of SILC protocol in the IETF?
16 2.2 How much the SILC protocol is based on IRC?
17 2.3 Why use SILC? Why not IRC with SSL?
18 2.4 Can I talk from SILC network to IRC network?
19 2.5 Does SILC support file transfer?
20 2.6 Does SILC support DCC or alike?
21 2.7 I am behind a firewall, can I use SILC?
22 2.8 How secure SILC really is?
23 2.9 Does SILC support instant messaging?
24 2.10 Why SILC does not have LINKS command like in IRC?
25 2.11 Why SILC does not have STATS command like in IRC?
26 2.12 Is anyone outside a channel able to see the channel
28 2.13 How can I register my channel in SILC?
29 2.14 Is it true that all messages are encrypted in SILC?
30 2.15 Can server or SILC operator gain operator mode on a channel?
31 2.16 Channel name doesn't have #-character or does it?
32 2.17 I have suggestions to SILC Protocol, what can I do?
35 3.1 Where can I find SILC clients?
36 3.2 Can I use SILC with IRC client and vice versa?
37 3.3 The default theme sucks, where can I find a better one?
38 3.4 How do I send a private message?
39 3.5 How do I negotiate secret key with another user?
40 3.6 How do I negotiate secret keys behind a NAT?
41 3.7 How do I change channel modes?
42 3.8 What does the founder mode on channel mean, and how do I set
44 3.9 I am founder of invite only channel, how can I join the
45 channel after I have left it?
46 3.10 How can I op or deop somebody on channel?
47 3.11 How do I set private key for channel, and what does that
49 3.12 How do I transfer a file?
50 3.13 How can I get other users public keys?
51 3.14 How can I see the fingerprint of my public key?
52 3.15 I gave WHOIS to a nick, and it returned multiple replies,
54 3.16 Is there a command to see all linked servers?
55 3.17 How do I list the users of a channel?
56 3.18 What is the difference between OPER and SILCOPER commands?
57 3.19 My Cygwin client crashes with message "Couldn't create
59 3.20 Why /join #silc and /join silc doesn't join the same
63 4.1 Where can I find SILC servers?
64 4.2 Can I run my own SILC server?
65 4.3 What is the difference between SILC server and SILC router?
66 4.4 Why server says permission denied to write to a log file?
67 4.5 When I connect to to my server, it says "server does not
68 support one of your proposed cipher", what is wrong?
69 4.6 Why SILC server runs on privileged port 706?
70 4.7 I see [Unknown] in the log file, what does it mean?
71 4.8 How can I generate a new server key pair?
74 5.1 What is SILC Toolkit?
75 5.2 Is the SILC Toolkit Reference Manual Available?
76 5.3 How do I compile the Toolkit on Unix?
77 5.4 How do I compile the Toolkit on Win32?
78 5.5 Does the Toolkit package include any sample code?
83 A: SILC (Secure Internet Live Conferencing) is a protocol which
84 provides secure conferencing services in the Internet over insecure
85 channel. SILC is IRC like although internally they are very different.
86 Biggest similarity between SILC and IRC is that they both provide
87 conferencing services and that SILC has almost same commands as IRC.
88 Other than that they are nothing alike.
90 Biggest differences are that SILC is secure what IRC is not in any
91 way. The network model is also entirely different compared to IRC.
93 Q: When was SILC Project started?
94 A: The SILC development started in 1996 and early 1997. But, for
95 various reasons it suspended many times until it finally got some wind
96 under its wings in 1999. First public release was in summer 2000.
98 Q: Why SILC in the first place?
99 A: Simply for fun, nothing more. And actually for need back in the
100 days when it was started. When SILC was first developed there really
101 did not exist anything like this. SILC has been very interesting and
104 Q: What license covers the SILC release?
105 A: The SILC software developed here at silcnet.org, the SILC Client,
106 the SILC Server and the SILC Toolkit are covered by the GNU General
109 Q: Why SILC? Why not IRC3?
110 A: Question that is justified no doubt of that. SILC was not started
111 to become a replacement for IRC. SILC was something that didn't exist
112 in 1996 or even today except that SILC is now released. However, I did
113 check out the IRC3 project in 1997 when I started coding and planning
116 But, IRC3 is problematic. Why? Because it still doesn't exist. The
117 project is almost at the same spot where it was in 1997 when I checked
118 it out. And it was old project back then as well. That's the problem
119 of IRC3 project. The same almost happened to SILC as well as I wasn't
120 making real progress over the years. I talked to the original author
121 of IRC, Jarkko Oikarinen, in 1997 and he directed me to the IRC3
122 project, although he said that IRC3 is a lot of talking and not that
123 much of anything else. I am not trying to put down the IRC3 project
124 but its problem is that no one in the project is able to make a
125 decision what is the best way to go about making the IRC3 and I wasn't
126 going to be part of that. The fact is that if I would've gone to IRC3
127 project, nor IRC3 or SILC would exist today. I think IRC3 could be
128 something really great if they just would get their act together and
129 start coding the thing.
131 Q: What platforms SILC supports?
132 A: The SILC Client is available on various Unix systems and is
133 reported to work under cygwin on Windows. The SILC Server also works
134 on various Unix systems. However, the server has not been tested under
135 cygwin as far as we know. The SILC Toolkit is distributed for all
136 platforms, Unix, Cygwin and native Windows.
138 Q: How do you pronounce SILC?
139 A: SILC is usually pronounced as `silk', but you are free to pronounce
142 Q: Where can I find more information?
143 A: For more technical information we suggest reading the SILC Protocol
144 specifications. You might also want to take a look at the
145 documentation page on the web page.
147 Q: I would like to help out, what can I do?
148 A: You might want to take a look at the Contributing page and the TODO
149 list. You might also want to join the SILC development mailing list.
151 2. Protocol Questions
153 Q: What is the status of SILC protocol in the IETF?
154 A: The SILC protocol specifications has been submitted currently as
155 individual submissions. There does not currently exist a working group
156 for this sort of project. Our goal is to fully standardize the SILC
157 and thus submit it as RFC to the IETF at a later time. This can happen
158 only after we have requested the IETF to accept SILC as RFC. As of
159 today, we have not yet even requested this from the IETF. We want to
160 let the protocol mature a bit more.
162 Q: How much SILC Protocol is based on IRC?
163 A: SILC is not based on IRC. The client superficially resembles IRC
164 client but everything that happens under the hood is nothing alike
165 IRC. SILC could *never* support IRC because the entire network
166 toppology is different (hopefully more scalable and powerful). So no,
167 SILC protocol (client or server) is not based on IRC. Instead, We've
168 taken good things from IRC and left all the bad things behind and not
169 even tried to burden the SILC with the IRCs problems that will burden
170 IRC and future IRC projects till the end. SILC client resembles IRC
171 client because it is easier for new users to start using SILC when
172 they already know all the commands.
174 Q: Why use SILC? Why not IRC with SSL?
175 A: Sure, that is possible, although, does that secure the entire IRC
176 network? And does that increase or decrease the lags and splits in the
177 IRC network? Does that provide user based security where some specific
178 private message are secured? Does that provide security where some
179 specific channel messages are secured? And I know, you can answer yes
180 to some of these questions. But, security is not just about applying
181 encryption to traffic and SILC is not just about `encrypting the
182 traffic`. You cannot make insecure protocol suddenly secure just by
183 encrypting the traffic. SILC is not meant to be IRC replacement. IRC
184 is good for some things, SILC is good for same and some other things.
186 Q: Can I talk from SILC network to IRC network?
187 A: Simple answer for this is No. The protocols are not compatible
188 which makes it impossible to directly talk from SILC network to IRC
189 network or vice versa. Developing a gateway between these two networks
190 would technically be possible but from security point of view strongly
191 not recommended. We have no plans for developing such a gateway.
193 Q: Does SILC support file transfer?
194 A: Yes. The SILC protocol support SFTP as mandatory file transfer
195 protocol. It provides simple client to client file transfer, but also
196 a possibility for file and directory manipulation. Even though the
197 SFTP is the file transfer protocol the support for file transferring
198 has been done so that practically any file transfer protocol may be
199 used with SILC protocol.
201 Q: Does SILC support DCC or alike?
202 A: SILC does not support the DCC commonly used in IRC. It does not
203 need it since it has builtin support for same features that DCC have.
204 You can transfer files securely and encrypted directly with another
205 client. You can also negotiate secret key material with another client
206 directly to use it in private message encryption. The private messages
207 are not, however sent directly between clients. The protocol, on the
208 other hand does not prohibit sending messages directly between clients
209 if the implementation would support it. The current SILC Client
210 implementation does not support it. This means that private messages
211 travel through the SILC Network. SILC protocol also has a capability
212 to support DCC and CTCP like protocols with SILC. None of them,
213 however have not been defined to be used with SILC at the present
216 Q: I am behind a firewall, can I use SILC?
217 A: Yes. If your network administrator can open the remote port 706
218 (TCP) you can use SILC without problems. You may also compile your
219 SILC client with SOCKS support which will proxy your SILC session
220 through the firewall.
222 Q: How secure SILC really is?
223 A: We have tried to make SILC as secure as possible. However, there is
224 no security protocol or security software that has not been vulnerable
225 to some sort of attacks. SILC is in no means different from this. So,
226 it is suspected that there are security holes in the SILC. These holes
227 just need to be found so that they can be fixed. SILC's security
228 features has been developed from attacker's point of view, and we've
229 tried to find all the possible attacks and guard the protocol against
232 But to give you some parameters of security SILC uses the most secure
233 crytographic algorithms such as AES (Rijndael), Twofish, Blowfish,
234 RC5, etc. SILC does not have DES or 3DES as DES is insecure and 3DES
235 is just too slow. SILC also uses cryptographically strong random
236 number generator when it needs random numbers. Public key cryptography
237 uses RSA (PKCS #1) and Diffie-Hellman algorithms. Key lengths for
238 ciphers are initially set to 256. For public key algorithms the
239 starting key length is 1024 bits.
241 But the best answer for this question is that SILC is as secure as its
242 weakest link. SILC is open and the protocol is open and in public thus
243 open for security analysis.
245 To give a list of attacks that are ineffective against SILC:
247 - Man-in-the-middle attacks are ineffective if proper public key
248 infrastructure is used, and if all public keys are always verified.
249 - IP spoofing is ineffective (because of encryption and trusted keys).
250 - Attacks that change the contents of the data or add extra data to
251 the packets are ineffective (because of encryption and integrity
253 - Passive attacks (listenning network traffic) are ineffective
254 (because of encryption). Everything is encrypted including
255 authentication data such as passwords when they are needed.
256 - Any sort of cryptanalytic attacks are tried to make ineffective by
257 using the best cryptographic algorithms out there, and by designing
258 the protocol to guard against them.
260 Q: Does SILC support instant messaging?
261 A: SILC is not an instant message (IM) system, like ICQ and the
262 others. SILC is more IRC like system, "real-time", connection-oriented
263 chat and that kind of stuff. But I guess IRC is too sometimes called
264 an Instant Messaging system.
266 Q: Why SILC does not have LINKS command like in IRC?
267 A: It was felt that this information as an own command in SILC is not
268 necessary. Moreover, the topology of the network might be undisclosed
269 information even though the servers and routers in the network are
270 still open. We feel that the network topology information, if it is
271 wanted to be public, and the list of accessible servers can be made
272 available in other ways than providing command like LINKS, which shows
273 the active server links in IRC.
275 Q: Why SILC does not have STATS command like in IRC?
276 A: This too was considered as information that the protocol should not
277 address. We feel that server implementations will need to implement
278 some sort of adminstrative plugin, or module which provides various
279 means of accessing statistical and other information in the server.
280 And, we do consider this implementation issue, not protocol design
283 Q: Is anyone outside a channel able to see the channel messages?
284 A: A short answer is simply No. A longer answer involves assumptions
285 about security conditions. Initially channel keys are generated by the
286 server, so if the server would get compromised it would be possible
287 for an adversary to see the messages. However, users on the channel
288 can prevent this even if the server would be compromised. It is
289 possible to set so called channel private key that only the users on
290 the channel know about. The servers does not know about the key, and
291 therefore cannot see the messages even if they would be compromised.
292 So, longer answer results into same as the short one; No.
294 Q: How can I register my channel in SILC?
295 A: There is no channel registration in SILC. When you join a
296 non-existing channel, it is created and it will exist until the last
297 person leaves it. When you join a new channel you became the founder
298 (see also Q: What does the founder mode on channel mean, and how do I
299 set it? and Q: I am founder of invite only channel, how can I join the
300 channel after I have left it?) and you can preserve your founder
301 status while the channel exists. Cell or network wide founder status
302 or persistent founder status (preserving even empty channels for
303 limited time) is a debated TODO item and it may or may not happen. If
304 it does, its effect could be similar to channel registration.
306 Q: Is it true that all messages are encrypted in SILC?
307 A: Most definitely yes. The SILC protocol makes it impossible to send
308 unencrypted messages or packets to the SILC network. All messages are
309 always encrypted, either using session keys, or other secret keys such
310 as channel keys or private message keys.
312 Q: Can server or SILC operator gain operator mode on a channel?
313 A: They cannot get operator status, founder status, join invite only
314 channels, escape active bans, escape user limits or anything alike,
315 without explicitly being allowed. Only way to get channel operator
316 status is that someone ops him. Server and SILC operators in the
317 network are normal users with the extra privileges of being able to
318 adminstrate their server. They cannot do anything more than a normal
321 Q: Channel name doesn't have #-character or does it?
322 A: The #-character is not mandatory part of channel name, like it is
323 in IRC. This means that giving the command /JOIN #silc and /JOIN silc
324 will join to different channels. This is intentional since the
325 #-character clearly is IRC feature and has nothing to do with SILC. If
326 you want it to have the character then just join to the channel with
327 #-character in the name.
329 Q: I have suggestions to SILC Protocol, what can I do?
330 A: All suggestions and improvements are of course welcome. You should
331 read the protocol specifications first to check out whether your idea
332 is covered by them already. The best place to make your idea public is
333 the SILC development mailing list. You might want to checkout the TODO
334 list from the CVS as well.
338 Q: Where can I find SILC clients?
339 A: The SILC client is available for free download from the silcnet.org
340 web page. Some people have also mentioned words Java and Perl when
341 talking about SILC clients. Nothing has appeared yet, though.
343 Q: Can I use SILC with IRC client and vice versa?
344 A: Generally the answer would be no for both. However, there exist
345 already at least one IRC client that supports SILC, the Irssi client.
346 The current SILC client is actually based on the user interface of the
347 Irssi client. So, yes it is possible to use SILC with some IRC clients
348 and vice versa. But, this does not mean that you can talk from SILC
349 network to IRC network, that is not possible.
351 Q: The default theme sucks, where can I find a better one?
352 A: The Irssi SILC client's theme files are almost 100% compatible with
353 the original Irssi IRC client's themes. You can get those theme files
354 from the Irssi project website. You can also try to make a better
357 Q: How do I send a private message?
358 A: Sending private message is done by using the MSG command. For
359 example, command: /MSG john hello, will send a `hello' message to a
360 nickname `john'. By default private messages are secured with session
361 keys, and the message is re-encrypted by the servers when the message
362 travels to the receiver. If you would like to secure the private
363 messages with a private key, you can negotiate a secret key with the
364 receiver. Always remember to give WHOIS command before sending a
365 private message to assure that you are sending the message to correct
368 Q: How do I negotiate secret key with another user?
369 A: It is important to negotiate secret keys if you cannot trust the
370 servers and the network you are using. By negotiating a key with the
371 user you want to talk to assures that no one except you and your
372 friend is able to encrypt and decrypt the messages. The secret key
373 negotiation is done with the KEY command. Here is an example of how to
374 negotiate keys for securing private messages.
376 By giving command: /KEY MSG john agreement 192.168.2.100, you will
377 send a key negotiation request to a nickname `john'. The 192.168.2.100
378 IP address would be your machine's IP address. You can also define an
379 port to the KEY command after the IP address. If you do not do that
380 the operating system will bind to a port of its choosing. John will
381 receive a notification on the screen that you would like to negotiate
382 secret keys with him, and he will receive the IP address and port
383 where you are listenning for the negotiation. When he gives command:
384 /KEY MSG You negotiate 192.168.2.100 31382, the key negotiation is
385 started. During the key negotiation you will be prompted on the screen
386 to verify and accept John's public key if you do not have his public
387 key already. The John will be prompted to accept your public key as
388 well. After the key negotiation is over all private messages sent
389 between you and John are secured with the negotiated secret key. Note
390 that you must verify the public key you are prompted for, and this is
391 very important since someone could be doing man-in-the-middle attack.
393 Q: How do I negotiate secret keys behind a NAT?
394 A: If only you are behind a NAT, or firewall then key negotiation
395 works, but if both you and your friend are behind a NAT then key
396 negotiation will not work, since it is done peer to peer. If you are
397 behind a NAT then you obviously cannot receive key negotiations, and
398 cannot bind to any IP address and port. However, you can still use KEY
399 command to negotiate the keys.
401 By giving command: /KEY MSG john agreement, without any other
402 arguments (such as IP address and port) you will send a negotiation
403 request to John, but do not provide an address and port for the John
404 to connect to. When John receives the notification on the screen that
405 you would like to perform key negotiation, he can give command: /KEY
406 MSG You agreement 172.16.100.78, which will send key negotiation
407 request back to you. You will receive the IP address and port where
408 you need to connect in order to perform the negotiation. After
409 receiving the notification you can give command: /KEY MSG john
410 negotiate 172.16.100.78 31181, which will start the key negotiation
411 with John. This way you can negotiate the keys if you are behind a
414 Q: How do I change channel modes?
415 A: The command to manage channel modes is CMODE. With this command you
416 can change the channel status (to change it to secret channel for
417 example), set user limit on the channel, passphrase for the channel,
418 set the channel to use private keys on channel, and set the founder
421 Q: What does the founder mode on channel mean, and how do I set it?
422 A: Who ever creates the channel by being the first user to join the
423 channel becomes automatically the founder of the channel. Founder has
424 some extra privileges on the channel. For example, it is not possible
425 to kick the founder off the channel, and there are some channel modes
426 that only the founder of the channel can change. If the creator of the
427 channel wishes to preserve the channel founder mode even if he leave
428 the channel he can set the founder mode for the channel.
430 The mode is set by giving command: /CMODE #channel +f -pubkey. This
431 will set the founder mode and will use the public key of the founder
432 as authenticator when the user is reclaiming the mode back. If the
433 founder leaves the channel he will be able to get the founder mode
434 back by using JOIN or CUMODE commmands. Giving command /JOIN #channel
435 -founder -pubkey, will get the founder mode back at the same time he
436 joins the channel, or giving commmand /CUMODE #channel +f -pubkey,
437 will also give the founder mode back on the channel after he has
440 If the channel is destroyed after the last client leaves the channel,
441 the founder mode is also reset. Who ever creates the channel after
442 that will also get the channel founder mode automatically. Note also
443 that the founder mode is local. You can reclaim the mode back only on
444 the same server where you set the founder mode in the first place.
446 Q: I am founder of invite only channel, how can I join the channel
447 after I have left it?
448 A: Founder can override the invite only status by reclaiming the
449 founder status on the channel using the JOIN command. The channel must
450 have the founder mode set in order for it to work. Reclaiming founder
451 status using JOIN command is important also if the channel has user
452 limit set, and has active bans. Founder can override these conditions
453 as well. However, founder cannot override the passphrase of the
454 channel if it is set. To get the founder mode during JOIN and to
455 override the invite only condition, give command: /JOIN #channel
456 -founder -pubkey. This will join the channel and attempt to reclaim
457 the founder status back to you. Note that you need to be on the same
458 server where you gave the founder mode for the channel for this to
461 Q: How can I op or deop somebody on channel?
462 A: Giving operator status, or removing the operator status on a
463 channel requires you to have at least operator status, or founder
464 status on the channel. You can give operator status to another user by
465 using CUMODE command. To give ops give the command: /CUMODE #channel
466 +o john, and to remove ops give command: /CUMODE #channel -o john. To
467 indicate current channel you can also use `*' character in #channel's
470 Q: How do I set private key for channel, and what does that mean
472 A: Setting private key for channel requires first to set the private
473 key mode for the channel. You need to be the founder of the channel to
474 be able to do this. Give the command: /CMODE #channel +k. After this
475 mode is set the old channel key will not be used to encrypt and
476 decrypt channel messages. To set the key for the channel use the KEY
477 command. Every user on the channel must do the same thing and set the
478 same key. If some user on the channel does not set the key (or does
479 not know the key) he won't be able to see any messages on the channel.
480 Give the command: /KEY CHANNEL #channel set verysecretkey. This
481 command will set the `verysecretkey' passphrase as key to the
482 #channel. How exactly other users will know this key is out of scope
483 of the SILC protocol. SILC does not provide yet a possibility of
484 negotiating secret key with many users at the same time. For this
485 reason the secret key on the channel is usually a passphrase or a
486 password that all users on the channel have to know. Setting a private
487 key for channel means that only the users on the channel who know the
488 key is able to encrypt and decrypt messages. Servers do not know the
489 key at all. If you remove the private key mode from the channel, all
490 users will start automatically using a new channel key to secure
493 Q: How do I transfer a file?
494 A: You can transfer files securely using the FILE command. This
495 command will automatically negotiate secret key with the remote user
496 and the file transfer stream is secured using that key. The file
497 transfer stream is always sent peer to peer. If you would like to send
498 a file to another user you can give command: /FILE SEND
499 path/to/the/file john. This command sends, or actually makes the
500 `path/to/the/file' available for download for the user `john'. The
501 John will decide whether he wants to actually download the file. When
502 John gives the command: /FILE RECEIVE, the key negotiation is started.
503 You and John will be prompted to verify and accept each other's public
504 key if you do not have it cached already. After key negotiation is
505 over the file transfer process starts. If you want to cancel the file
506 transfer session, or if John wants to reject the file transfer
507 request, giving the command: /FILE CLOSE will close the session.
509 Q: How can I get other users public keys?
510 A: You can get a user's public key using the GETKEY command. This
511 command will fetch the user's public key from the server where the
512 user has connected to. The server has verified that the user posesses
513 the corresponding private key, however, you will be prompted to verify
514 and accept the public key. All client public keys are saved in your
515 local key directory in ~/.silc/clientkeys/. You can also receive
516 clients public keys during key negotiation and file transfers. The
517 GETKEY command can be used to fetch a server's public key as well.
518 Those keys are saved in ~/.silc/serverkeys/ directory.
520 Q: How can I see the fingerprint of my public key?
521 A: You can check out your own fingerprint by giving just WHOIS command
522 without any arguments. Additionally you can also dump the contents of
523 the key file using the silc program and giving -S option to it. Your
524 own public key is always saved in ~/.silc/public_key.pub file. To dump
525 your key run silc as: silc -S .silc/public_key.pub. The same way you
526 can dump the contents of any public key inside ~/.silc/clientkeys/ and
527 ~/.silc/serverkeys/ directories. The WHOIS command will also show
528 other users public key fingerprints.
530 Q: I gave WHOIS to a nick, and it returned multiple replies, why?
531 A: This will happen if there are several same nicknames in the network
532 at the same time. As you may already know nicknames are not unique in
533 SILC network. This means there can be multiple same nicknames. This
534 also means that you can always have the nickname you want. If WHOIS
535 returns multiple replies, you can distinguish the users by their
536 realname, username, hostname and ultimately by the fingerprint of
537 their public key, which the WHOIS will also show. You will also notice
538 an additional nickname inside a parenthesis. It may show for example:
539 nickname: John (John@otaku). The real nickname is `John', but since
540 there are many John's in the network you can access this one using
541 `John@otaku'. So, if you were to send private message to this
542 particular John you can do it by giving command: /MSG John@otaku
543 hello. This will send `hello' message to the John@otaku.
545 Q: Is there a command to see all linked servers?
546 A: No there is not. For longer answer see also this FAQ.
548 Q: How do I list the users of a channel?
549 A: The command to list all users on a particular channel is USERS. It
550 is also aliased to WHO command in Irssi SILC Client. To see the users
551 of the current channel give the command: /USERS *. You can replace the
552 `*' with the channel name of your choosing. If the channel is private
553 or secret channel, and you have not joined the channel, you cannot
554 list the users of that channel.
556 Q: What is the difference between OPER and SILCOPER commands?
557 A: The OPER command is used to gain server operator privileges on
558 normal SILC server, while SILCOPER is used to gain router operator
559 (also known as SILC operator) privileges on router server. You cannot
560 use SILCOPER command on normal SILC server, it works only on router
563 Q: My Cygwin client crashes with message "Couldn't create //.silc
565 A: A solutions should be setting HOME enviroment variable to the
566 directory where you have unpacked your SILC Client. Type to your
567 command prompt something like:
570 Q: Why /join #silc and /join silc doesn't join the same channel?
571 A: The #-character is not mandatory part of channel name in SILC. So
572 #silc and silc are two different channels. The #-character in channel
573 name is IRC feature and has nothing to do with SILC. If you have
574 #-character in the channel name, then it is part of the channel name,
575 just like %-character, or &-character could be part of channel name.
579 Q: Where can I find SILC servers?
580 A: The SILC server is available for free download from the silcnet.org
581 web page. We are not aware of any other SILC server implementations,
584 Q: Can I run my own SILC server?
585 A: Yes of course. Download the SILC server package, compile and
586 install it. Be sure to check out the installation instructions and the
587 README file. You also should decide whether you want to run SILC
588 server or SILC router.
590 Q: What is the difference between SILC server and SILC router?
591 A: The topology of the SILC network includes SILC routers and the SILC
592 servers (and SILC clients of course). Normal SILC server does not have
593 direct connections with other SILC servers. They connect directly to
594 the SILC router. SILC Routers may have several server connections and
595 they may connect to several SILC routers. The SILC routers are the
596 servers in the network that know everything about everything. The SILC
597 servers know only local information and query global information from
598 the router when necessary.
600 If you are running SILC server you want to run it as router only if
601 you want to have server connections in it and are prepared to accept
602 server connections. You also need to get the router connected to some
603 other router to be able to join the SILC network. You may run the
604 server as normal SILC server if you do not want to accept other server
605 connections or cannot run it as router.
607 Q: Why server says permission denied to write to a log file?
608 A: The owner of the log files must be same user that the server is run
609 under, by default it is user `nobody'. Just change the permissions and
612 Q: When I connect to my server it says "server does not support one of
613 your proposed ciphers", what is wrong?
614 A: Most likely the ciphers and others has not been compiled as SIMs
615 (modules) and they are configured as modules in the silcd.conf. If
616 they are not compiled as modules remove the module paths from the
617 ciphers and hash functions from the silcd.conf, so that the server use
618 the builtin ciphers. Then try connecting to the server again. It is
619 also possible that the client IS proposing some ciphers that your
620 server does not support.
622 Q: Why SILC server runs on privileged port 706?
623 A: Ports 706/tcp and 706/udp have been assigned for the SILC protocol
624 by IANA. Server on the network listening above privileged ports
625 (>1023) SHOULD NOT be trusted as it could have been set up by
626 untrusted party. The server normally drops root privileges after
627 startup and then run as user previously defined in silcd.conf.
629 Q: I see [Unknown] in the log file, what does it mean?
630 A: You can see in the log file for example: [Info] Closing connection
631 192.168.78.139:3214 [Unknown]. The [Unknown] means that the connection
632 was not authenticated yet, and it is not known whether the connection
633 was a client, server or router. There will appear [Client], [Server]
634 or [Router] if the connection is authenticated at that point.
636 Q: How can I generate a new server key pair?
637 A: You can generate a new key pair using the silcd command with the -C
638 option. When SILC Server is installed a key pair is generated
639 automatically for you. However, it is suggested that you check the
640 information found in that key and generate a new key pair if the
641 information is incorrect. You can check the information of your public
642 key by giving command: silc -S file.pub.
644 If you want to generate a new key pair then you can give for example
645 command: silcd -C . --identifier="UN=silc-oper, HN=silc.silcnet.org,
646 RN=SILC Router Admin, E=silc-oper@silcnet.org, O=SILC Project, C=SK".
647 This will create the key pair to current directory, with the specified
648 identifier. Please, give the --help option to the silcd to see usage
649 help for the -C and --identifier options.
653 Q: What is SILC Toolkit?
654 A: SILC Toolkit is a package intended for software developers who
655 would like to develope their own SILC based applications or help in
656 the development of the SILC. The Toolkit includes SILC Protocol Core
657 library, SILC Crypto library, SILC Key Exchange (SKE) library, SILC
658 Math library, SILC Modules (SIM) library, SILC Utility library, SILC
659 Client library and few other libraries.
661 Q: Is the SILC Toolkit Reference Manual Available?
662 A: Yes, partially completed reference manual is available in the
663 Toolkit releases as HTML package and they are available from the
664 silcnet.org website as well at the documentation page.
666 Q: How do I compile the Toolkit on Unix?
667 A: You should read the INSTALL file from the package and follow its
668 instructions. The compilation on Unix is as simple as compiling any
669 other SILC package. Give, `./configure' command and then `make'
672 Q: How do I compile the Toolkit on Win32?
673 A: We have prepared instructions to compile the Toolkit on Win32 in
674 the Toolkit package. Please, read the README.WIN32 file from the
675 package for detailed instructions how to compile the Toolkit for
676 Cygwin, MinGW and native Win32 systems. We have also prepared ready
677 MSVC++ Workspace files in the win32/ directory in the package that
678 will compile automatically the Toolkit.
680 Q: Does the Toolkit package include any sample code?
681 A: Yes, naturally. It includes sample codes for two different SILC
682 Client implementations, and SILC Server. The silcer/ directory
683 includes a simple GUI client based on GTK--, and Win32 samples are
684 included in the win32/ directory, for simple client.