[plug] Identd server that "hides" the user
weirdit at gmail.com
Tue Oct 19 11:58:46 WST 2010
On 19 October 2010 13:03, Daniel Pittman <daniel at rimspace.net> wrote:
> Tim <weirdit at gmail.com> writes:
>> I'm searching for an identd server that hides the true identity of the
>> user (so it's not giving out login names).
Essentially what I am doing is providing a shell server to a group of
users to connect to an irc server. I want to give them the ability to
be properly identified on the irc server so that if abuse of the shell
server occurs, the irc operator can report to me who it was (using the
ident info) and I can suspend the account. But I still want to keep
login id's from being broadcast to all the irc users (who could then
start trying to break into shell accounts). 
In my searching, I have now found slidentd. Similar to pidentd except
it just logs to syslog the uid and the token it handed out. Much
easier now to just grep the logs for the abusers token and find the
real uid. I don't expect abuse, but want to be prepared if it happens.
Description: minimal ident (RFC 1413) daemon
It is similar in the purpose to pidentd but with different design goals. It's
a very small and simple daemon that would not give out any sensitive
information. In this regard it is not RFC compliant (RFC 1413 requires the
daemon to be insecure by default).
slidentd is statically compiled (with dietlibc) and quite small (~2kb).
 I already have denyhosts running, but if users don't even have
valid usernames then the chance of a breakin is reduced.
Timothy White - Somewhere in Australia
More information about the plug