Identd

From ArchWiki
(Redirected from Identd Setup)

The Ident service as specified by RFC 1413 is mostly used by various IRC networks and the occasional old FTP server to ask a remote server which user is making a connection. This method is quite untrustworthy, as the remote host can simply choose to lie.

So you have two choices:

oidentd

See oidentd.

If all went well, you should have the auth service running on port 113. A good way of checking this is by installing nmap (if you do not have it already) and typing:

$ nmap localhost

nullIdentdMod

Install the nullidentdmodAUR[broken link: package not found] package.

Then enable and start nullidentdmod.socket.

Check if is working here.

As is, nullidentdmod will return a random userid.

Customization

Create a drop-in file for nullidentdmod@.service.

/etc/systemd/system/nullidentdmod@.service.d/override.conf
[Service]                                
ExecStart=/usr/bin/nullidentdmod userid

Check if is working here

nullIdentd

This Ident server is capable of only returning the same name for any query. With a quick change to a single line of code, it can be customized to return any name you can think. One use for such a simple service would be for IRC client connections to ensure a degree of privacy (remote IRC server and users do not know your username) as well as allowing a small degree of 'vanity plating' for use in IRC channels.

The original code suffered link rot, but may now be found on GitHub, at this address https://github.com/dxtr/nullidentd.

Systemd activation

Create /etc/systemd/system/identd@.service, Add the following:

/etc/systemd/system/identd@.service
[Unit]
Description=per connection null identd
 
[Service]
User=nobody
ExecStart=/usr/local/sbin/nullidentd
StandardInput=socket
StandardOutput=socket

Then create /etc/systemd/system/ident.socket, Add the following:

/etc/systemd/system/ident.socket
[Unit]
Description=socket for ident
 
[Socket]
ListenStream=113
Accept=yes
 
[Install]
WantedBy=sockets.target

Reload ident.socket to make use of the new files:

You can check the unit status of ident.socket to test that it is listening successfully.