Difference between revisions of "Oidentd"

From ArchWiki
Jump to: navigation, search
m (Starting oidentd: cups -> cupsd)
m (out of date)
(4 intermediate revisions by 3 users not shown)
Line 1: Line 1:
[[Category: Daemons and system services (English)]]
+
[[Category:Networking]]
=Introduction=
+
[[de:oidentd]]
 +
{{out of date}}
 +
oidentd is an ident (rfc1413 compliant) daemon that runs on Linux, Darwin, FreeBSD, OpenBSD, NetBSD and Solaris.  oidentd can handle IP masqueraded/NAT connections on Linux, Darwin, FreeBSD (ipf only), OpenBSD and NetBSD. oidentd has a flexible mechanism for specifying ident responses.  Users can be granted permission to specify their own ident responses.  Responses can be specified according to host and port pairs.
  
==What is oidentd?==
+
==Installation==
 +
[[pacman|Install]] {{Pkg|oidentd}}, available in the [[Official Repositories]]。
  
oidentd is an ident (rfc1413 compliant) daemon that runs on Linux, Darwin,
+
==Configuration==
FreeBSD, OpenBSD, NetBSD and Solaris.  oidentd can handle IP masqueraded/NAT
+
connections on Linux, Darwin, FreeBSD (ipf only), OpenBSD and NetBSD.
+
oidentd has a flexible mechanism for specifying ident responses.  Users can
+
be granted permission to specify their own ident responses.  Responses can be
+
specified according to host and port pairs.
+
 
+
=Installation=
+
The oidentd package may be installed with pacman.
+
 
+
* '''pacman -S oidentd'''
+
 
+
=Configuration=
+
 
With no global nor user configuration file(s), the users' ident replies will be that of their login name.  This makes configuration files optional.  See the [http://linux.die.net/man/5/oidentd.conf oidentd.conf manual] for more detail.
 
With no global nor user configuration file(s), the users' ident replies will be that of their login name.  This makes configuration files optional.  See the [http://linux.die.net/man/5/oidentd.conf oidentd.conf manual] for more detail.
  
==Global configuration==
+
===Global configuration===
 
You may create the global configuration file ''/etc/oidentd.conf''.
 
You may create the global configuration file ''/etc/oidentd.conf''.
  
Line 43: Line 34:
 
Which says, "Grant all users the ability to generate random numeric ident replies, the ability to generate numeric ident replies, and the ability to hide their identities on all ident queries.  Explicitly deny the ability to spoof ident responses.  And reply with `UNKNOWN' for all successful ident queries for root."
 
Which says, "Grant all users the ability to generate random numeric ident replies, the ability to generate numeric ident replies, and the ability to hide their identities on all ident queries.  Explicitly deny the ability to spoof ident responses.  And reply with `UNKNOWN' for all successful ident queries for root."
  
==User configuration==
+
===User configuration===
 
Additionally and/or alternatively, each user may create his own local configuration file, ''$HOME/.oidentd.conf''.
 
Additionally and/or alternatively, each user may create his own local configuration file, ''$HOME/.oidentd.conf''.
  

Revision as of 23:50, 8 August 2013

Tango-view-refresh-red.pngThis article or section is out of date.Tango-view-refresh-red.png

Reason: please use the first argument of the template to provide a brief explanation. (Discuss in Talk:Oidentd#)

oidentd is an ident (rfc1413 compliant) daemon that runs on Linux, Darwin, FreeBSD, OpenBSD, NetBSD and Solaris. oidentd can handle IP masqueraded/NAT connections on Linux, Darwin, FreeBSD (ipf only), OpenBSD and NetBSD. oidentd has a flexible mechanism for specifying ident responses. Users can be granted permission to specify their own ident responses. Responses can be specified according to host and port pairs.

Installation

Install oidentd, available in the Official Repositories

Configuration

With no global nor user configuration file(s), the users' ident replies will be that of their login name. This makes configuration files optional. See the oidentd.conf manual for more detail.

Global configuration

You may create the global configuration file /etc/oidentd.conf.

According to the manual, the following is suitable for a global configuration.

default {
     default {
          deny spoof
          deny spoof_all
          deny spoof_privport
          allow random
          allow random_numeric
          allow numeric
          allow hide
     }
}
user root {
     default {
          force reply "UNKNOWN"
     }
}

Which says, "Grant all users the ability to generate random numeric ident replies, the ability to generate numeric ident replies, and the ability to hide their identities on all ident queries. Explicitly deny the ability to spoof ident responses. And reply with `UNKNOWN' for all successful ident queries for root."

User configuration

Additionally and/or alternatively, each user may create his own local configuration file, $HOME/.oidentd.conf.

A possible example follows.

global { reply "unknown" }
to irc.example.org { reply "example" }

Which says, "Reply with `unknown' to all successful ident lookups, but reply with `example' to ident lookups for connections to irc.example.org."

The global configuration file will dictate what works in the user's local configuration file.

Starting oidentd

With oidentd installed and configured, you are now ready to start the daemon.

  • /etc/rc.d/oidentd start

If you want to have oidentd start up automatically every time you start your computer, then you need to add oidentd to your DAEMONS=() array in /etc/rc.conf. For example:

DAEMONS=(pcmcia syslogd klogd !fam esd mono network autofs cupsd oidentd crond gdm)