There is a tor only, ssl/tls only server running on a hidden service: 4b27t6tm5pzgpsrqpzukmlzztfn3ur55dcufaj5esu6brge5qu5nirad.onion ssl/tls only does not mean you need to use sasl, it means there is no plaintext port to connect to, only the 6697 ssl/tls port. (and yes, we know tor is encrypted by default, stop linking that one article :)) ## If your client tries to resolve the .onion In your torrc: # 10.10.10.10 is arbitrary, change at will mapaddress 10.10.10.10 4b27t6tm5pzgpsrqpzukmlzztfn3ur55dcufaj5esu6brge5qu5nirad.onion (remember to restart the tor daemon) Then you can run your irc client with the `torsocks` script or if your client has the capability, tell it to use the socks proxy on localhost:9050 (example for irssi running within torsocks: /connect -ssl 10.10.10.10) ## If you wish to check the authenticity of the tor server, you can verify ## against the following: Certificate Chain: Subject: C: US, ST: n/a, L: n/a, O: HLIRCnet, OU: Tor, CN: tor.hlircnet. Issuer: C: US, ST: n/a, L: n/a, O: HLIRCnet, OU: Tor, CN: tor.hlircnet. Protocol: TLSv1.2 (256 bit, ECDHE-ECDSA-CHACHA20-POLY1305) EDH Key: 384 bit ECDH: secp384r1 Public Key: 384 bit EC, valid from Jul 20 18:02:38 2020 GMT to Jul 18 18:02:38 2030 GMT Public Key Fingerprint: F9:8F:35:51:16:88:20:60:AF:1A:19:DA:CA:F9:AC:FC:E2:E4:EE:E2:0C:69:AC:36:84:8A:EB:95:47:41:F8:E7 (SHA256) Certificate Fingerprint: 9D:45:B0:63:5C:ED:CF:D9:F3:76:91:3A:42:39:62:F1:1D:7A:5B:B7:46:4D:93:E1:85:EB:40:F4:AA:3D:40:5C (SHA256)