Difference between revisions of "Identd"

From ArchWiki
Jump to: navigation, search
(Removing NullIdent)
m (Fix typo)
 
(29 intermediate revisions by 17 users not shown)
Line 1: Line 1:
 
[[Category:Networking]]
 
[[Category:Networking]]
 +
[[ja:Identd]]
 +
{{Style|Unnecessary use of ordered lists; other style issues, see [[Help:Style]].}}
 +
 
The Ident service as specified by RFC 1413 is mostly used by various IRC networks and the occasional old FTP server to ask a remote server which user is making a connection.
 
The Ident service as specified by RFC 1413 is mostly used by various IRC networks and the occasional old FTP server to ask a remote server which user is making a connection.
Any person with two brain cells to rub together should spot that this quite untrustworthy as the remote host can simply choose to lie.
+
This method is quite untrustworthy, as the remote host can simply choose to lie.
  
 
So you have two choices:
 
So you have two choices:
# Tell the truth (see pidentd below)
+
# Tell the truth (see [[#oidentd]] below)
# Tell a little white lie (see nullident below)
+
# Tell a little white lie (see nullidentdmod or nullidentd below)
 +
 
 +
== oidentd ==
 +
 
 +
See [[oidentd]].
 +
 
 +
If all went well, you should have the auth service running on port 113.  A good way of checking this is by installing {{Pkg|nmap}}  (if you do not have it already) and typing
 +
$ nmap localhost
 +
 
 +
==nullIdentdMod==
 +
 
 +
'''1.''' [[Install]] the {{AUR|nullidentdmod}} package.
 +
 
 +
'''2.''' [[Enable]] {{ic|nullidentdmod.socket}} on systemd.
 +
 
 +
'''3.''' [[Start]] {{ic|nullidentdmod.socket}} on systemd.
 +
 
 +
'''4.''' Check if is working [http://acidhub.click/NullidentdMod/ here].
 +
 
 +
As is, nullidentdmod will return a random userid.
 +
 
 +
===Customization===
 +
'''1.''' [[Edit]] the unit with systemctl command:
 +
# systemctl edit --full nullidentdmod@.service
 +
 
 +
At line 6, write desired userid
 +
 
 +
[Unit]                                 
 +
Description=NullidentdMod service       
 +
                                         
 +
[Service]                               
 +
User=nobody                             
 +
ExecStart=/usr/bin/nullidentdmod '''<userid>'''
 +
StandardInput=socket                   
 +
StandardOutput=socket                   
 +
                                         
 +
[Install]                               
 +
WantedBy=multi-user.target             
 +
 
 +
Obviously where <userid> you put your custom userid.
 +
 
 +
'''4.''' Check if is working [http://acidhub.click/NullidentdMod/ here]
 +
 
 +
==nullIdent==
 +
 
 +
This Ident server is capable of only returning the same name for any query. With a quick change to a single line of code, it can be customized to return any name you can think.
 +
One use for such a simple service would be for IRC client connections to ensure a degree of privacy (remote IRC server and users do not know your username) as well as allowing a small degree of 'vanity plating' for use in IRC channels.
 +
 
 +
The original code suffered link rot, but may now be found on github, at this address https://github.com/dxtr/nullidentd.
  
== pIdentd ==
+
===systemd activation===
Like most people, I prefer to run identd from from inetd instead of as a stand-alone service.  For this to work you will need to install two packages: xinetd and pidentd.  I tried this with oidentd but it does not seem to work with the latest xinetd.
+
Below are two files you need to create under {{ic|/etc/systemd/system/}}
  
1. Install needed software
+
'''1.''' identd@.service
  
{{bc|# pacman -S xinetd pidentd}}
+
[Unit]
 +
Description=per connection null identd
 +
 +
[Service]
 +
User=nobody
 +
ExecStart=/usr/local/sbin/nullidentd
 +
StandardInput=socket
 +
StandardOutput=socket
  
2. Next, you will need to paste the following into a new file and save it as {{ic|/etc/xinetd.d/auth}}
+
'''2.''' ident.socket
  
  service auth
+
  [Unit]
  {
+
  Description=socket for ident
      flags = REUSE
+
      socket_type = stream
+
[Socket]
      wait = no
+
ListenStream=113
      user = nobody
+
Accept=yes
      server = /usr/sbin/identd
+
      server_args = -m -N
+
[Install]
      log''on''failure += USERID
+
WantedBy=sockets.target
      disable = no
 
}
 
  
3. After you have saved the new file, run xinetd with the following command
+
'''3.''' inform SystemD  of the new files
 +
# systemctl daemon-reload
  
{{bc|# /etc/rc.d/xinetd start}}
+
'''4.''' Test that the socket is listening sucessfully
 +
$ systemctl status ident.socket
  
If all went well, you should have the auth service running on port 113.  A good way of checking this is by installing nmap  (if you do not have it already) and typing
+
this should yield output similar to the below
{{bc|$ nmap localhost}}
+
ident.socket - socket for ident
 +
    Loaded: loaded (/etc/systemd/system/ident.socket; enabled)
 +
    Active: active (listening) since Fri 2014-01-24 02:30:53 WST; 30 seconds ago
 +
    Listen: [::]:113 (Stream)
 +
  Accepted: 0; Connected: 0
 +
 +
Jan 24 02:30:53 HOSTNAME systemd[1]: Listening on socket for ident.

Latest revision as of 12:00, 22 April 2018

Tango-edit-clear.pngThis article or section needs language, wiki syntax or style improvements.Tango-edit-clear.png

Reason: Unnecessary use of ordered lists; other style issues, see Help:Style. (Discuss in Talk:Identd#)

The Ident service as specified by RFC 1413 is mostly used by various IRC networks and the occasional old FTP server to ask a remote server which user is making a connection. This method is quite untrustworthy, as the remote host can simply choose to lie.

So you have two choices:

  1. Tell the truth (see #oidentd below)
  2. Tell a little white lie (see nullidentdmod or nullidentd below)

oidentd

See oidentd.

If all went well, you should have the auth service running on port 113. A good way of checking this is by installing nmap (if you do not have it already) and typing

$ nmap localhost

nullIdentdMod

1. Install the nullidentdmodAUR package.

2. Enable nullidentdmod.socket on systemd.

3. Start nullidentdmod.socket on systemd.

4. Check if is working here.

As is, nullidentdmod will return a random userid.

Customization

1. Edit the unit with systemctl command:

# systemctl edit --full nullidentdmod@.service

At line 6, write desired userid

[Unit]                                   
Description=NullidentdMod service        
                                         
[Service]                                
User=nobody                              
ExecStart=/usr/bin/nullidentdmod <userid>
StandardInput=socket                     
StandardOutput=socket                    
                                         
[Install]                                
WantedBy=multi-user.target               

Obviously where <userid> you put your custom userid.

4. Check if is working here

nullIdent

This Ident server is capable of only returning the same name for any query. With a quick change to a single line of code, it can be customized to return any name you can think. One use for such a simple service would be for IRC client connections to ensure a degree of privacy (remote IRC server and users do not know your username) as well as allowing a small degree of 'vanity plating' for use in IRC channels.

The original code suffered link rot, but may now be found on github, at this address https://github.com/dxtr/nullidentd.

systemd activation

Below are two files you need to create under /etc/systemd/system/

1. identd@.service

[Unit]
Description=per connection null identd

[Service]
User=nobody
ExecStart=/usr/local/sbin/nullidentd
StandardInput=socket
StandardOutput=socket

2. ident.socket

[Unit]
Description=socket for ident

[Socket]
ListenStream=113
Accept=yes

[Install]
WantedBy=sockets.target

3. inform SystemD of the new files

# systemctl daemon-reload

4. Test that the socket is listening sucessfully

$ systemctl status ident.socket

this should yield output similar to the below

ident.socket - socket for ident
   Loaded: loaded (/etc/systemd/system/ident.socket; enabled)
   Active: active (listening) since Fri 2014-01-24 02:30:53 WST; 30 seconds ago
   Listen: [::]:113 (Stream)
 Accepted: 0; Connected: 0

Jan 24 02:30:53 HOSTNAME systemd[1]: Listening on socket for ident.