Difference between revisions of "Oidentd"

From ArchWiki
Jump to: navigation, search
m (Move to Networking category)
(link to w:Ident protocol in intro)
 
(13 intermediate revisions by 6 users not shown)
Line 1: Line 1:
 
[[Category:Networking]]
 
[[Category:Networking]]
 
[[de:oidentd]]
 
[[de:oidentd]]
oidentd is an ident (rfc1413 compliant) daemon that runs on Linux, Darwin, FreeBSD, OpenBSD, NetBSD and Solaris. oidentd can handle IP masqueraded/NAT connections on Linux, Darwin, FreeBSD (ipf only), OpenBSD and NetBSD. oidentd has a flexible mechanism for specifying ident responses. Users can be granted permission to specify their own ident responses. Responses can be specified according to host and port pairs.
+
{{out of date}}
 +
''oidentd'' is an [[Wikipedia:Ident protocol|ident]] (RFC 1413 compliant) daemon that runs on Linux, Darwin, FreeBSD, OpenBSD, NetBSD and Solaris. ''oidentd'' can handle IP masqueraded/NAT connections on Linux, Darwin, FreeBSD (ipf only), OpenBSD and NetBSD. ''oidentd'' has a flexible mechanism for specifying ident responses. Users can be granted permission to specify their own ident responses. Responses can be specified according to host and port pairs.
  
==Installation==
+
== Installation ==
[[pacman|Install]] {{Pkg|oidentd}}, available in the [[Official Repositories]]。
+
  
==Configuration==
+
[[Install]] the {{Pkg|oidentd}} package.
With no global nor user configuration file(s), the users' ident replies will be that of their login name.  This makes configuration files optional.  See the [http://linux.die.net/man/5/oidentd.conf oidentd.conf manual] for more detail.
+
  
===Global configuration===
+
== Configuration ==
You may create the global configuration file ''/etc/oidentd.conf''.
+
 
 +
With no global nor user configuration file(s), the users' ident replies will be that of their login name. This makes configuration files optional. See {{man|5|oidentd.conf|url=http://linux.die.net/man/5/oidentd.conf}} for more detail.
 +
 
 +
=== Global configuration ===
 +
 
 +
You may create the global configuration file {{ic|/etc/oidentd.conf}}.
  
 
According to the manual, the following is suitable for a global configuration.
 
According to the manual, the following is suitable for a global configuration.
Line 31: Line 35:
 
  }
 
  }
  
Which says, "Grant all users the ability to generate random numeric ident replies, the ability to generate numeric ident replies, and the ability to hide their identities on all ident queries. Explicitly deny the ability to spoof ident responses. And reply with `UNKNOWN' for all successful ident queries for root."
+
Which says, "Grant all users the ability to generate random numeric ident replies, the ability to generate numeric ident replies, and the ability to hide their identities on all ident queries. Explicitly deny the ability to spoof ident responses. And reply with `UNKNOWN' for all successful ident queries for root."
  
===User configuration===
+
=== User configuration ===
Additionally and/or alternatively, each user may create his own local configuration file, ''$HOME/.oidentd.conf''.
+
 
 +
Additionally and/or alternatively, each user may create his own local configuration file, {{ic|$HOME/.oidentd.conf}}.
  
 
A possible example follows.
 
A possible example follows.
Line 45: Line 50:
 
The global configuration file will dictate what works in the user's local configuration file.
 
The global configuration file will dictate what works in the user's local configuration file.
  
=Starting oidentd=
+
== Starting oidentd ==
With oidentd installed and configured, you are now ready to start the daemon.
+
 
+
* '''/etc/rc.d/oidentd start'''
+
 
+
If you want to have oidentd start up automatically every time you start your computer, then you need to add ''oidentd'' to your DAEMONS=() array in ''/etc/rc.conf''. For example:
+
  
DAEMONS=(pcmcia syslogd klogd !fam esd mono network autofs cupsd oidentd crond gdm)
+
With ''oidentd'' installed and configured, [[start]] {{ic|oidentd.socket}} start the daemon. If you want to have ''oidentd'' start up automatically every time you start your computer, then you need to [[enable]] {{ic|oidentd.socket}}.

Latest revision as of 11:12, 20 October 2016

Tango-view-refresh-red.pngThis article or section is out of date.Tango-view-refresh-red.png

Reason: please use the first argument of the template to provide a brief explanation. (Discuss in Talk:Oidentd#)

oidentd is an ident (RFC 1413 compliant) daemon that runs on Linux, Darwin, FreeBSD, OpenBSD, NetBSD and Solaris. oidentd can handle IP masqueraded/NAT connections on Linux, Darwin, FreeBSD (ipf only), OpenBSD and NetBSD. oidentd has a flexible mechanism for specifying ident responses. Users can be granted permission to specify their own ident responses. Responses can be specified according to host and port pairs.

Installation

Install the oidentd package.

Configuration

With no global nor user configuration file(s), the users' ident replies will be that of their login name. This makes configuration files optional. See oidentd.conf(5) for more detail.

Global configuration

You may create the global configuration file /etc/oidentd.conf.

According to the manual, the following is suitable for a global configuration.

default {
     default {
          deny spoof
          deny spoof_all
          deny spoof_privport
          allow random
          allow random_numeric
          allow numeric
          allow hide
     }
}
user root {
     default {
          force reply "UNKNOWN"
     }
}

Which says, "Grant all users the ability to generate random numeric ident replies, the ability to generate numeric ident replies, and the ability to hide their identities on all ident queries. Explicitly deny the ability to spoof ident responses. And reply with `UNKNOWN' for all successful ident queries for root."

User configuration

Additionally and/or alternatively, each user may create his own local configuration file, $HOME/.oidentd.conf.

A possible example follows.

global { reply "unknown" }
to irc.example.org { reply "example" }

Which says, "Reply with `unknown' to all successful ident lookups, but reply with `example' to ident lookups for connections to irc.example.org."

The global configuration file will dictate what works in the user's local configuration file.

Starting oidentd

With oidentd installed and configured, start oidentd.socket start the daemon. If you want to have oidentd start up automatically every time you start your computer, then you need to enable oidentd.socket.