Setting up SaslServ

SaslServ provides essential network management tools for IRC operators on the IRC network.

SaslServ Block

The saslserv{} block contains settings specific to the SaslServ service bot.

A fully configured saslserv{} block may look like:

saslserv {
nick = "SaslServ";
user = "SaslServ";
host = "";
real = "SASL Authentication Agent";

Services Bot Options

SaslServ supports most standard services bot options. SaslServ does not offer any direct commands, so the aliases{} and access{} configuration options are not applicable.


If enabled, the SASL bad_password message will hide server names.

Example: hide_server_names;


In addition to loading the SaslServ service bot itself, these modules configure what SASL mechanisms your network will support.

Note: Your IRCd must also support SASL for this service bot to work.

modules/saslserv/mainCore components
modules/saslserv/authcookieAUTHCOOKIE mechanismUsed by the legacy IRIS webirc client.
modules/saslserv/ecdh-x25519-challengeECDH-X25519-CHALLENGE mechanismSupport for this mechanism requires that Atheme be compiled against a cryptographic library that provides X25519 ECDH support: BoringSSL, LibreSSL, ARM mbedTLS, Nettle, Sodium, etc. This will be checked while running ./configure.
modules/saslserv/ecdsa-nist256p-challengeECDSA-NIST256P-CHALLENGE mechanismSupport for this mechanism requires that Atheme be compiled against an OpenSSL with ECDSA support (e.g. not the version available in RHEL, etc., unless you compile your own). This will be checked while running ./configure.
modules/saslserv/externalEXTERNAL mechanism (IRCv3.1+)
modules/saslserv/plainPLAIN mechanism
modules/saslserv/scramSCRAM-SHA-* mechanismsYou must read SCRAM-SHA Support before loading this module.