Identd

From ArchWiki
Jump to navigation Jump to search
The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.

Tango-edit-clear.pngThis article or section needs language, wiki syntax or style improvements. See Help:Style for reference.Tango-edit-clear.png

Reason: Unnecessary use of ordered lists; other style issues, see Help:Style. (Discuss in Talk:Identd)

The Ident service as specified by RFC 1413 is mostly used by various IRC networks and the occasional old FTP server to ask a remote server which user is making a connection. This method is quite untrustworthy, as the remote host can simply choose to lie.

So you have two choices:

  1. Tell the truth (see #oidentd below)
  2. Tell a little white lie (see nullidentdmod or nullidentd below)

oidentd

See oidentd.

If all went well, you should have the auth service running on port 113. A good way of checking this is by installing nmap (if you do not have it already) and typing 

$ nmap localhost

nullIdentdMod

Install the nullidentdmodAUR package.

Then enable and start nullidentdmod.socket.

Check if is working here.

As is, nullidentdmod will return a random userid.

Customization

Tango-edit-clear.pngThis article or section needs language, wiki syntax or style improvements. See Help:Style for reference.Tango-edit-clear.png

Reason: Creating a drop-in file would be better. (Discuss in Talk:Identd)

Create a replacement unit file for nullidentdmod@.service: 

# systemctl edit --full nullidentdmod@.service

At line 6, write desired userid 

[Unit]                                   
Description=NullidentdMod service        
                                         
[Service]                                
User=nobody                              
ExecStart=/usr/bin/nullidentdmod <userid>
StandardInput=socket                     
StandardOutput=socket                    
                                         
[Install]                                
WantedBy=multi-user.target

Obviously where <userid> you put your custom userid.

Check if is working here

nullIdent

This Ident server is capable of only returning the same name for any query. With a quick change to a single line of code, it can be customized to return any name you can think. One use for such a simple service would be for IRC client connections to ensure a degree of privacy (remote IRC server and users do not know your username) as well as allowing a small degree of 'vanity plating' for use in IRC channels.

The original code suffered link rot, but may now be found on github, at this address https://github.com/dxtr/nullidentd.

systemd activation

Create /etc/systemd/system/identd@.service, Add the following: 

/etc/systemd/system/identd@.service
[Unit]
Description=per connection null identd
 
[Service]
User=nobody
ExecStart=/usr/local/sbin/nullidentd
StandardInput=socket
StandardOutput=socket

Then create /etc/systemd/system/ident.socket, Add the following: 

/etc/systemd/system/ident.socket
[Unit]
Description=socket for ident
 
[Socket]
ListenStream=113
Accept=yes
 
[Install]
WantedBy=sockets.target

Inform systemd of the new files: 

# systemctl daemon-reload

Test that the socket is listening sucessfully: 

$ systemctl status ident.socket

this should yield output similar to the below 

ident.socket - socket for ident
   Loaded: loaded (/etc/systemd/system/ident.socket; enabled)
   Active: active (listening) since Fri 2014-01-24 02:30:53 WST; 30 seconds ago
   Listen: [::]:113 (Stream)
 Accepted: 0; Connected: 0

Jan 24 02:30:53 HOSTNAME systemd[1]: Listening on socket for ident.