NAME¶
in.fingerd
—
remote user information server
SYNOPSIS¶
in.fingerd |
[ -wulf ]
[-pL
path ]
[-t
timeout ] |
DESCRIPTION¶
Fingerd
is a simple daemon based on
RFC1196 that provides an interface to the
“finger” program at most network sites. The program is supposed
to return a friendly, human-oriented status report on either the system at the
moment or a particular person in depth.
If the
-w
option is given, remote users will
get an additional “Welcome to ...” banner which also shows some
informations (e.g. uptime, operating system name and release) about the system
the
in.fingerd
is running on. Some sites
may consider this a security risk as it gives out information that may be
useful to crackers.
If the
-u
option is given, requests of the
form “finger @host” are rejected.
If the
-l
option is given, information about
requests made is logged. This option probably violates users' privacy and
should not be used on multiuser boxes.
If the
-f
option is given, finger forwarding
(user@host1@host2) is allowed. Useful behind firewalls, but probably not wise
for security and resource reasons.
The
-p
option allows specification of an
alternate location for in.fingerd to find the “finger” program.
The
-L
option is equivalent.
The
-t
option specifies the time to wait for
a request before closing the connection. A value of 0 waits forever. The
default is 60 seconds.
Options to in.fingerd should be specified in
/etc/inetd.conf.
The finger protocol consists mostly of specifying command arguments. The
inetd(8) “super-server” runs
in.fingerd
for TCP requests received on
port 79. Once connected
in.fingerd
reads a
single command line terminated by a ⟨CRLF⟩ which is passed to
finger(1). It closes its connections as soon as
all output is finished.
If the line is empty (i.e. just a ⟨CRLF⟩ is sent) then
finger returns a “default” report
that lists all people logged into the system at that moment. This feature is
blocked by the
-u
option.
If a user name is specified (e.g. eric⟨CRLF⟩) then the response
lists more extended information for only that particular user, whether logged
in or not. Allowable “names” in the command line include both
“login names” and “user names”. If a name is
ambiguous, all possible derivations are returned.
SEE ALSO¶
finger(1),
inetd(8)
RESTRICTIONS¶
Connecting directly to the server from a TIP or an equally narrow-minded
TELNET-protocol user program can result in meaningless attempts at option
negotiation being sent to the server, which will foul up the command line
interpretation.
HISTORY¶
The finger daemon appeared in
4.3BSD.