| Bill Jonas on Wed, 19 Jun 2002 22:00:51 +0200 |
|
On Tue, Jun 18, 2002 at 12:38:42PM -0400, gabriel rosenkoetter wrote: > NOTE: You should not rely on the data integrity the identd protocol > tries to provide you with. If you think you need this, you really need > protocols which do strong host and/or user authentication such as ssh > and IPsec in conjunction with audit trails. Well... no kidding. I forget why I wanted this (probably some silly IRC network required ident service, and I wished to do it the Right Way), but it wasn't because of any meaningful need on my part. Note that I said I wound up deciding it wasn't worth the little bit of trouble it would have taken, and wound up using nullidentd instead. The description of the Debian package reads, "nullidentd is a small, fast and secure identd daemon. It returns a static string for every query." Not exactly super-spiffy user identification. > (The "NAT with IPv4" is what you thought you needed midentd for, > right?) Well, I didn't "need" midentd specifically, I just wanted to find something that would provide an equivalent functionality on OpenBSD. Moot point anyhow, though, since nullidentd gave me what I actually needed at the time (an ident response) and I'm no longer currently running OpenBSD. Hmm... I'm tempted to set up nullidentd to return a username of 'DontYouKnowIdentProvidesNoMeaningfulInformation' or somesuch. ;) -- Bill Jonas * bill@billjonas.com * http://www.billjonas.com/ "They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety." -- Benjamin Franklin Attachment:
pgpGUlGdi8bag.pgp
|
|