Subject: Re: identd...
To: Greg A. Woods <woods@weird.com>
From: Andrew Brown <atatat@atatdot.net>
List: current-users
Date: 12/12/2000 14:18:24
>> http://www.clock.org/~fair/opinion/identd.html
>>
>> comes complete with source code to an alternate identd daemon. Must
>> faster, no privs required, and no kernel grovelling.
>
>Now that NetBSD has crypto by default identd need no longer be pointless
>or dangerous. In fact with support for sending an encrypted response
>identd is again useful for its original intended purpose -- i.e. to
>supply remote "client" systems with tokens that the originating
>administrator can use in the future should there ever be a need to
>identify the originating user. In this case the "token" is actually the
>full data, but in encrypted form, and so the originating system need not
>even maintain their logs -- just keep the original encryption key (and
>of course keep it safe).
there's absolutely *no* need for crypto to make identd "secure". a
simple identd could to the following:
* parse a request
* look up the actual user's name
* call gettimeofday(2)
* syslog(LOG_INFO, "%s %ld.%06ld", actualuser, tv_secs, tv_usecs)
* respond with "%ld.%06ld" instead of the actual user
thereby providing something which *in no way* relates to the actual
user's name, is referrable by the local admin if a foreign party
requests the information (it's all in the log file), and leaks no
information about your system except for what time you think it is.
it also ought to be pretty unique.
i suppose if you want something that leaks less, you could do
something with a hash, the time stuff, the actual user, and send that
back.
--
|-----< "CODE WARRIOR" >-----|
codewarrior@daemon.org * "ah! i see you have the internet
twofsonet@graffiti.com (Andrew Brown) that goes *ping*!"
andrew@crossbar.com * "information is power -- share the wealth."