Hi! Am Fri, Mar 14, 2003 at 01:22:00PM -0500, Curt Hastings schrieb: > You might be interested in OpenBSD's identd -- the -h option in particular. > > [man identd] > > -h Hide the actual information about the user by providing an opaque > token instead. This token is entered into the local system logs > so that the administrator can later discover who the real user > was. > > This does permit some information to leak out, but it opaque. Here is a log entry. > > Mar 12 01:31:35 tokyo identd[8970]: request for (45724,25) from localhost.ips.edu > Mar 12 01:31:35 tokyo identd[8970]: token txjyl7b0xtvamk8fpsdx == uid 25 (smmsp) > > It might be possible to port this to Linux, but I haven't checked.
There is a bunch of identds for Linux. E.g. pidentd with activated DES support has also such a feature that cryptographically ensures, that only the local root is able to see who owned the connection in question. Here's the list of identds available for Debian GNU/Linux 3.0: bidentd - Bisqwit's identd gidentd - RFC1413 compliant IPv4/IPv6 ident daemon mdidentd - ident daemon that permits fake identd midentd - identd replacement with masquerading support. nullidentd - small, fast identd daemon oidentd - Replacement ident daemon pidentd - TCP/IP IDENT protocol server. pidentd-des - TCP/IP IDENT protocol server with DES support. For details on these packages see http://packages.debian.org/ Kind regards, Axel Beckert -- -------------------------------------------------------------- Axel Beckert ecos electronic communication services gmbh IT-Securitylösungen * dynamische Webapplikationen * Consulting Post: Tulpenstrasse 5 D-55276 Dienheim b. Mainz E-Mail: [EMAIL PROTECTED] Voice: +49 6133 939-220 WWW: http://www.ecos.de/ Fax: +49 6133 939-333 -------------------------------------------------------------- | | | Besuchen Sie uns auf der CeBIT vom 12. - 19. März 2003 | | Messe Hannover * Halle 17 * Stand F 36 | | http://www.cebit.de/ | | | --------------------------------------------------------------
