Version 13 (modified by larloch, 7 years ago) (diff)




weechat is (afaik) the only console irc client with working socks5 support. Making it play nice with Tor is as easy as changing the following lines in the [proxy] section of ~/weechat/weechat.rc :

proxy_use = on
proxy_type = socks5
proxy_ipv6 = off
proxy_address = ""
proxy_port = 9050

This works fine with in-Tor IRC servers as well (notably ORC at irc://3d2et7ek4jjhnv3k.onion)


The easiest way to connect through Tor in irssi is by using socat. This has been described in the TorifyHowTO?.

Since many irssi users already run their client in screen, I'd recommend just adding a new "window" in screen (Ctrl+a+c) and running this (assuming that Tor is listening on 9050 and you want to connect to foo.onion):

socat TCP4-LISTEN:4242,fork SOCKS4A:localhost:foo.onion:6667,socksport=9050  

This one liner might make the above process easier:

# ./socatchk remote-host remote-port
# crudely shutsdown socat (if running) and then restarts it for new host/port
[ "$(pidof socat >/dev/null 2>&1 && echo $?)" = 0 ] && kill $(pidof socat); [ "$(pidof socat && echo $?)" != 0 ] && socat TCP4-LISTEN:4242,fork SOCKS4A:$orlisadr:$1:$2,socksport=$orport &
./socatchk hiddenservice port

If the IRC server you are wishing to connect to requires SASL authentication, you will need to install the SASL plugin to add SASL supprt to Irssi. If not, feel free to skip this section.

These instructions assume that you already have a registered nick with the server you are wishing to connect to.

First you will need to exit irssi and download the SASL plugin which can be found here:

The plugin should be named and should moved into the ~/.irssi/scripts directory.

Note: This plugin is from and may or may not work with other servers.

Start irssi with

torify irssi

If you are missing any libraries required by the sasl plugin, irssi will issue a few warnings. Make sure to install them before continuing.

Once you have the SASL plugin loaded, you must add your nickserv registration and encryption method into the SASL plugin. The plugin can take one of two values for encryption method: PLAIN or DH-BLOWFISH. We are going to use DH-BLOWFISH.

/sasl set localhost [username] [password] DH-BLOWFISH

Check to make sure your info was saved properly

/sasl show

If it looks correct save it.

/sasl save

This will append your info to ~/.irssi/sasl.auth. Once your info has been saved, this file should be loaded automatically each time you start Irssi. If not just type:

/sasl load

Now to connect to the server just type:

/connect localhost 4242

To minimize information leakage about your client and timezone add

ignores = ( { level = "CTCPS"; } );

or run

/ignore * CTCPS

and then



X-Chat supports SOCKS 5 and does not leak DNS requests.

Settings-> Preferences -> Network -> Network setup -> Proxy server

Port: 9050
Type: Socks5

Unofficial builds of X-Chat for Windows are free.

See the note on tsocks and DNS above.

X-Chat Aqua 0.16.0

X-Chat Aqua is X-Chat with an Aqua interface for MacOS X. X-Chat Aqua uses the irc engine from X-Chat, and is designed to look and feel like the GTK+ front end.

This is a free IRC client for Macintosh OSX that works with Tor.

X-Chat Aqua-> Preferences -> Network -> Network setup

Address to bind to:
Proxy server: localhost
Port: 9050
Proxy type: Socks5


Since the SILC client is based on Irssi, you can follow the same procedure to make it use Tor. Combining Tor and SILC might be one of the safest ways to communicate with someone over the Internet. More information about SILC is available at


Silky is a GTK2 SILC client. It does not currently support SOCKS, so the best way to make it work with Tor is using socat (IMO).:

socat TCP4-LISTEN:6666,socksport=9050

And then tell Silky to connect to localhost:6666.


In order to use BitchX with tor, you first need to get ProxyChains, a *NIX-only HTTP and SOCKS proxy client. On Debian systems, install the proxychains package. Once installed, just add

socks5 9050
http localhost 8118

to the ProxyChains config file at ~/.proxychains/proxychains.conf. Now that it is configured, type proxychains bitchx at the command line.

The gentoo build of proxychains seems to be broken on x86 arch. Using tsocks BitchX or torify BitchX works well.

You may want to look up your IRC server's IP with tor-resolve and use the IP in place of a hostname; see the note on tsocks and DNS above.


File -> Options -> Connect -> Firewall

Older versions: Mark the "Use SOCKS Firewall" box. Newer versions (mIRC 6.0 and up): Select "Both" from the "Firewall support" pulldown.

Protocol: SOCKS5
Port: 9050

No image "mirc_firewall.png" attached to doc/TorifyHOWTO/IrcSilc

Don't use SOCKS4. Use SOCKS5.

There is a way to automate this with two commands...

/firewall -cm5+d on localhost 9050

to activate it and...

/firewall -d off

to deactivate the proxy. You can add this commands to your personal commands menu by following these instructions:

Press Alt+P to open the popup editor and type this bellow "Commands"

Anonymize:/firewall -cm5+d on localhost 9050
de-Anonymize:/firewall -d off


Preferences -> Advanced Preferences -> Proxy Server

Use proxy server to resolve names.
Use proxy server.
Protocol: SOCKS5
Host: localhost or
Port: 9050



Settings -> Configure KVIrc -> Connection -> Proxy Hosts

Use proxy.
New proxy.
Proxy: tor
Port: 9050
IP Address:
Protocol: SOCKSv5

Since kVIrc does not support remote dns yet, you have to add a mapping to your tor config, if you want to connect to a hidden service. Do this like:

echo 'mapaddress  mejokbp2brhw4omd.onion' >> /etc/tor/torrc
pkill -HUP tor

and then connect to through your Tor proxy.

Addendum: Version 3.4.0 appears to support remote dns with socks5, so for the above server you could leave the ip address as