Jabber server jabberd14

From Andreida

XMPP Server Installation

  • install
apt-get install jabberd14
  • change server name in /etc/default/jabberd14
  • restart
/etc/init.d/jabberd14 restart

Now you should have a working system.

  • If you want to change the port, edit /etc/jabber/jabber.xml and replace 5222 with the port you want.
  • If you have a client that offers fewer fields than others, change which fields are required in the <register> section of /etc/jabber/jabber.xml. You can, for example, remove the name and email fields.

Disallow self register

Search for the following lines:

<register xmlns="jabber:iq:register" notify="yes">
  <instructions>Choose a username and password to register with this server.</instructions>
  <username/>
  <name/>
  <email/>
</register>

and remove them or disable them (for example by commenting them out).

Disable server to server

Remove the section which begins with "s2s.localhost".


Add users manually

http://www.vanemery.com/Linux/Jabber/jabberd.html

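In /var/spool/jabberd/jabber.<yourDomain> add one file per user, named <username>.xml. The password is stored in this file in plain text, so keep the file readable only by the jabber user: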

<xdb>
<password xmlns='jabber:iq:auth' xdbns='jabber:iq:auth'>mypass</password>
<query xmlns='jabber:iq:register' xdbns='jabber:iq:register'>
<username>myuser</username>
<password xmlns='jabber:iq:auth'>mypass</password>
<x xmlns='jabber:x:delay' stamp='20030805T15:45:10'>registered</x>
</query>
</xdb>

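Use SSL

Create the certificate

Change to /etc/jabber, then create a self-signed certificate. The second command removes the passphrase from the private key, and the key is then appended to the certificate, so key.pem holds both the certificate and the unencrypted private key. Keep it readable only by the jabber user.

openssl req -new -x509 -newkey rsa:2048 -days 9999 -keyout privkey.pem -out key.pem
openssl rsa -in privkey.pem -out privkey.pem
cat privkey.pem >> key.pem
rm privkey.pem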

Activate the certificate

  • edit /etc/jabber/jabber.xml
  • change
<ip port="5222"/>
  • to
<tls port='5222'>YOUR_IP</tls>
  • search for <io>....<tls>...<dhparams> and add under tls:
<key ip="YOUR_IP">/etc/jabber/key.pem</key>
  • restart the server

If the log says that a directory cannot be read, create it and give ownership to the jabber user:

mkdir -p /var/spool/jabberd/inject.localhost
chown -R jabberd:jabberd  /var/spool/jabberd
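
To check that jabber.xml reflects the changes described above (no <register> section, no s2s section, no plain <ip port> listener, and a <key> for every <tls port> address), a small audit script can parse the file. This is an added example, not part of the original page or of jabberd14; the two sample configs are constructed and simplified, and the wrapper elements and the matching of the s2s section by an id attribute starting with "s2s" are assumptions.

```python
import xml.etree.ElementTree as ET

# Constructed, simplified configs: only the elements this page names are
# modelled. The wrapper elements and the id attributes are assumptions.
DEFAULT_CONFIG = """<jabber>
  <service id="sessions">
    <register xmlns="jabber:iq:register" notify="yes">
      <username/><name/><email/>
    </register>
  </service>
  <service id="c2s"><ip port="5222"/></service>
  <service id="s2s.localhost"/>
</jabber>"""

HARDENED_CONFIG = """<jabber>
  <service id="sessions">
    <!-- <register xmlns="jabber:iq:register" notify="yes"/> -->
  </service>
  <service id="c2s"><tls port="5222">192.0.2.10</tls></service>
  <io><tls><key ip="192.0.2.10">/etc/jabber/key.pem</key></tls></io>
</jabber>"""


def local(tag):
    """Drop a '{namespace}' prefix so elements match whatever their xmlns."""
    return tag.rsplit("}", 1)[-1]


def audit(xml_text):
    """Return findings for settings this page says to remove or replace."""
    elems = list(ET.fromstring(xml_text).iter())  # XML comments are skipped
    findings = []
    if any(local(e.tag) == "register" for e in elems):
        findings.append("self-registration enabled (<register> present)")
    if any(e.get("id", "").startswith("s2s") for e in elems):
        findings.append("server-to-server section present")
    plain = [e.get("port") for e in elems if local(e.tag) == "ip" and e.get("port")]
    if plain:
        findings.append("plaintext listener on port " + ", ".join(plain))
    tls_ips = {(e.text or "").strip() for e in elems
               if local(e.tag) == "tls" and e.get("port")}
    key_ips = {e.get("ip") for e in elems if local(e.tag) == "key"}
    for ip in sorted(tls_ips - key_ips):
        findings.append("no <key> configured for TLS listener " + ip)
    return findings


if __name__ == "__main__":
    for name, cfg in (("default", DEFAULT_CONFIG), ("hardened", HARDENED_CONFIG)):
        print(name, audit(cfg) or "ok")
```

To run it against a real server, pass the contents of /etc/jabber/jabber.xml to audit() instead of the sample strings.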

Client info

Have the clients connect via SSL, not TLS.