- # fingerprint: When using the m_oper_ssl_cert module, you may specify
- # a key fingerprint here. This can be obtained by using the
- # /fingerprint command while the module is loaded. This enhances
- # security by verifying that the person opering up has the matching
- # key/certificate combination. This enhances security a great deal.
- # If m_oper_ssl and/or m_ssl_gnutls/m_ssl_openssl aren't loaded,
- # this option will be ignored.
- #fingerprint="67:CB:9D:C0:13:24:8A:82:9B:B2:17:1E:D1:1B:EC:D4"
+ # fingerprint: When using the m_sslinfo module, you may specify
+ # a key fingerprint here. This can be obtained by using the /sslinfo
+ # command while the module is loaded, and is also noticed on connect.
+ # This enhances security by verifying that the person opering up has
+ # a matching SSL client certificate, which is very difficult to
+ # forge (impossible unless preimage attacks on the hash exist).
+ # If m_sslinfo isn't loaded, this option will be ignored.
+ #fingerprint="67cb9dc013248a829bb2171ed11becd4"
+
+ # sslonly: This oper can only oper up if they're using a SSL connection.
+ # Setting this option adds a decent bit of security. Highly recommended
+ # if the oper is on wifi, or specifically, unsecured wifi. Note that it
+ # is redundant to specify this option if you specify a fingerprint.
+ # This setting only takes effect if m_sslinfo is loaded.
+ #sslonly="yes"
+
+ # vhost: overrides the vhost in the type block. Class and modes may also
+ # be overridden
+ vhost="brain.netadmin.omega"