The ircd in use is ircd-hybrid. The package is from debian, with client-ssl and ipv6 enabled, and a pam auth patch by ikelly. There is an apt repository for this at
The conditions surrounding client-ssl + pam are as follows:
If you connect from skynet, to port 6667 without ssl, or port 9999 with ssl, you should log straight in.
If you connect from outside skynet, you should not be able to get to port 6667 on skynet
If you connect from outside skynet, you should have to use ssl to connect to port 9999
If you connect from outside skynet, using ssl, to port 9999, you should have to use your skynet username as your username, and use your skynet password.
Note, nick!=username. In the mask a! email@example.com, a is the nick, b is the username. The username cannot be changed by the client after login. Therefore, if someone auths, they have to have the correct username, and are therefore traceable if needs be.
There is a test server with this configuration running on skynet at the moment. Please test the above conditions as much as possible, thanks.
The firewall is setup to allow the other intersocs servers to connect directly to port 6667, for peering. This port has to be non-ssl for peering to work. The servers use a form of encryption (called cryptlinks in the hybrid docs) for server<->server links.