Subject: Re: identd with NAT and IPv6 support.
To: Jim Wise <jwise@draga.com>
From: Aidan Cully <aidan@kublai.com>
List: tech-net
Date: 03/27/2002 20:14:00
On Wed, Mar 27, 2002 at 05:59:47PM -0500, Jim Wise wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> On Wed, 27 Mar 2002, Bill Sommerfeld wrote:
> >Ident must die.
> 
> Right.  It serves no useful purpose.  At all.
> 
> See also the documentation in the man page for the `-L' flag which I
> added a few years back.  :-)

I take some issue with that...  ident can be very useful in limited
situations.  If you've got a multi-user shell service, and don't want
to ask your users for passwords when they connect over TCP to another
service you've got, but this service provides different things to
different users, ident is not a bad way to go.  INN's nnrpd can
resolve users over ident because of just this situation.

ident is useless once you leave a trusted area.
--aidan
(I've actually considered trying to come up with a "modern" ident
protocol, which could deal with users connecting to IP-addresses on a
different host.)