| IDENTD(8) | System Manager's Manual | IDENTD(8) | 
identd —
| identd | [ -46beIilNnr] [-aaddress] [-ccharset] [-Fformat] [-fusername] [-guid] [-Lusername] [-mfilter] [-oosname] [-Paddress] [-pportno] [-tseconds] [-uuid] | 
identd is a TCP/IP server which implements the user
  identification protocol as specified in RFC 1413.
identd operates by looking up specific
    TCP/IP connections and returning information which may or may not be
    associated with the process owning the connection.
The following options are available:
-4-b).-6-b).-a
    addressidentd will resolve it to an address (or
      addresses) and will bind this address (valid with flag
      -b).-b-c
    charset-e-F
    format
%u	print user name
%U	print user number
%g	print (primary) group name
%G	print (primary) group number
%l	print list of all groups by name
%L	print list of all groups by number
    
    The lists of groups (%l, %L) are comma-separated, and start with the primary group which is not repeated. Any other characters (preceded by %, and those not preceded by it) are printed literally.
-f
    username-g
    gid-I-i but without the restriction that the
      username in .ident must not match an existing
      user.-i-L
    usernameidentd will return this name for all valid ident
      requests.-l-m
    filteridentd changes the ident queries to use the local
      port on the NAT host instead of the local port on the forwarding host.
      This is needed because otherwise we can't do a lookup on the proxy host.
      On the proxy host, “proxy mode” should be enabled with the
      -P flag or “lying mode” with the
      -L flag.-N-n-o
    osname-P
    address-m flag how this operates.-p
    portno-b).-r-n flag is also enabled then a random number will
      be returned.-t
    seconds-u
    uididentd operates from
  inetd(8) or as standalone daemon.
  Put the following lines into
  inetd.conf(5) to enable
  identd as an IPv4 and IPv6 service via inetd:
ident stream tcp nowait nobody /usr/libexec/identd identd -l
ident stream tcp6 nowait nobody /usr/libexec/identd identd -l
To run identd as standalone daemon, use
    the -b flag.
identd is written by
  Peter Postma ⟨peter@NetBSD.org⟩.
identd should typically not be run as a privileged
  user or group, .ident files for use when running with
  the -I or -i flags will need
  to be world accessible. The same applies for .noident
  files when running with the -N flag.
When forwarding is enabled with the -m
    flag then identd will need access to either
    /dev/ipnat (ipfilter),
    /dev/pf (pf), or /dev/npf.
    Since it's not a good idea to run identd under root,
    you'll need to adjust group owner/permissions to the device(s) and run
    identd under that group.
| December 9, 2016 | NetBSD 9.2 |