Man page or keyword search:   man All Sections 1 - General Commands 2 - System Calls 3 - Subroutines, Functions 4 - Special Files 5 - File Formats 6 - Games and Screensavers 7 - Macros and Conventions 8 - Maintenence Commands 9 - Kernel Interface New Commands Server 4.4BSD AIX Alpinelinux Archlinux Aros BSDOS BSDi Bifrost CentOS Cygwin Darwin Debian DigitalUNIX DragonFly ElementaryOS Fedora FreeBSD Gentoo GhostBSD HP-UX Haiku Hurd IRIX Inferno JazzOS Kali Knoppix LinuxMint MacOSX Mageia Mandriva Manjaro Minix MirBSD NeXTSTEP NetBSD OPENSTEP OSF1 OpenBSD OpenDarwin OpenIndiana OpenMandriva OpenServer OpenSuSE OpenVMS Oracle PC-BSD Peanut Pidora Plan9 QNX Raspbian RedHat Scientific Slackware SmartOS Solaris SuSE SunOS Syllable Tru64 UNIXv7 Ubuntu Ultrix UnixWare Xenix YellowDog aLinux   6113 pages apropos Keyword Search (all sections) Output format html ascii pdf view pdf save postscript

IDENTD(8)		 BSD System Manager's Manual		     IDENTD(8)

NAME
     identd - TCP/IP IDENT protocol server

SYNOPSIS
     identd [-i | -w | -b] [-t seconds] [-u uid] [-g gid] [-p port]
	    [-a address] [-c charset] [-noelvmNUdh]

DESCRIPTION
     identd is a server which implements the TCP/IP proposed standard IDENT
     user identification protocol as specified in the RFC 1413 document.

     identd operates by looking up specific TCP/IP connections and returning
     the user name of the process owning the connection.

     The options are as follows:

     -i	     Tells identd to run as a process started from inetd(8) with the
	     "nowait" option in the /etc/inetd.conf file. Use of this mode
	     will make inetd(8) start one identd daemon for each connection
	     request. This is the default mode of operation.

     -w	     Tells identd to run as a process started from inetd(8) with the
	     "wait" option in the /etc/inetd.conf file. This mode of operation
	     will start a copy of identd at the first connection request and
	     then identd will handle subsequent requests. Previous versions
	     listed this as the preferred mode of operation due to the initial
	     overhead of parsing the kernel nlist. This version does not use
	     kmem or nlist parsing, so this reasoning is no longer valid.

     -b	     Specify operation as a stand-alone daemon.

     -h	     Hide the actual information about the user by providing an opaque
	     token instead. This token is entered into the local system logs
	     so that the administrator can later discover who the real user
	     was.

     -H	     Hide information about non existing users (e.g., connections
	     through NAT) as well as existing users. Implies -h.

     -t seconds
	     Specifies an idle timeout in seconds where a daemon running in
	     "wait" mode will timeout and exit. The default is no timeout.

     -u uid  Specify a user ID number or user name which the identd server
	     should switch to after binding itself to the TCP/IP port if run-
	     ning as a stand-alone daemon. identd runs as user "_identd" by
	     default and falls back to "nobody" if the "_identd" user does not
	     exist.

     -g gid  Specify a group ID number or group name which the identd server
	     should switch to after binding itself to the TCP/IP port if run-
	     ning as a stand-alone daemon.

     -p port
	     Specify an alternative port number or service name on which to
	     listen when running as a stand-alone daemon. Default is "auth"
	     (113).

     -a address
	     Specify a local IP address in dotted quad format to bind the
	     listen socket to if running as a stand-alone daemon. By default
	     the daemon listens on all local IP addresses.

     -l	     Use syslogd(8) for logging purposes.
     -v	     Log every request to syslog if -l above is specified.

     -o	     Do not reveal operating system type; always return "OTHER" in-
	     stead.

     -e	     Always return "UNKNOWN-ERROR" instead of the "NO-USER" or
	     "INVALID-PORT" errors.

     -c charset
	     Specify an optional character set designator to be included in
	     replies. charset should be a valid character set as described in
	     the MIME RFC in upper case characters.

     -n	     Always return uid numbers instead of usernames.

     -N	     When replying with a user name or ID, first check for a file
	     .noident in the user's home directory. If this file is accessi-
	     ble, return "HIDDEN-USER" instead of the normal USERID response.

     -U	     When replying with a user name or ID, first check for a file
	     .ident in the user's home directory. If this file is accessible,
	     return the contents of the file instead of the normal USERID
	     response.

     -m	     Allow multiple requests to be processed per session. Each request
	     is specified one per line and the responses will be returned one
	     per line. The connection will not be closed until the client
	     closes its end of the connection. PLEASE NOTE THAT THIS MODE
	     VIOLATES THE PROTOCOL SPECIFICATION AS IT CURRENTLY STANDS.

     -d	     This flag enables some debugging code that normally should NOT be
	     enabled since that breaks the protocol and may reveal information
	     that should not be available to outsiders.

SEE ALSO
     inetd.conf(5)

NOTES
     identd uses the LOG_DAEMON syslogd(8) facility to log messages.

     Unlike previous versions of identd, this version uses sysctl(3) to obtain
     information from the kernel instead of parsing kmem. This version does
     not require privilege beyond what is needed to bind the listen port if
     running as a stand-alone daemon.

BUGS
     Since identd should typically not be run as a privileged user or group,
     .ident files for use when running with the -U flag will need to be world
     accessible. The same applies for .noident files when running with the -N
     flag.

MirOS BSD #10-current		July 27, 1997				     1

Vote for polarhome