Authenticating with identd using inetd or xinetd
There has been a lot of to-do about ident and IRC lately. A lot of IRC networks and/or channels require a working identd before you can connect/join. I'm going to step you through the requirements for getting ident running both with inetd and the newer xinetd. If you are running any of the older distributions, you are likely using inetd and have a file called /etc/inetd.conf . If you are using a newer distro i.e. redhat 7.0 or mandrake 7.0 or above, then you are likely using xinetd, which uses a directory called /etc/xinetd.d
Before we get started with the meat of this tutorial, let's understand why ident bans on IRC are a necessary evil, and why you, therefore, must run it. Most legitimate users of IRC use a client to connect to the IRC server that either provides an ident reply of its own, or relies upon an ident daemon to provide the necessary reply. Many of the people who abuse the internet do so with programs that do not provide the necessary ident reply since an actual reply would tell more about their true identity (Get it? IDENTity?). We do not wish to lend to the efforts of these types of people, so doing an ident check periodically helps to ensure that they cannot just "hang out" in the channel.
Since I use inetd, and since it is the simplest IMHO, I will start with it. You must first ensure that you have an acceptable ident client installed. Some of these include, but are not limited to in.identd, oidentd and midentd, all of which can be downloaded at http://freshmeat.net .
After you install your identd, you must enable it. This is where the differences are seen between inetd and xinetd. For inetd, you must start it from the file /etc/inetd.conf . Look through this file until you find the proper line for "auth" and uncomment it. It should look something similar to this:
auth stream tcp nowait nobody /usr/sbin/oident oidentd -i -s -m -W -N
In the case above, you can clearly see that I have installed the oidentd server. If you choose to use oidentd, you will need to use one of the 1.x.x versions because when they went to 2.x, oidentd no longer works with xinetd.
Download oidentd-1.7.1 here
To enable your ident server using xinetd, you must create a file called /etc/xinetd.d/auth and put in that file the following lines. You can enable and disable the server by changing disable from yes to no, or vice-versa.
flags = REUSE
socket_type = stream
wait = no
user = nobody
server = /usr/sbin/oidentd
server_args = -s -m -W -N
log_on_failure += USERID
disable = no
Finally, after all of your changes have been made, you must restart inetd or xinetd as the case may be with the command killall -HUP (x)inetd
I hope that this has been helpful to you. If you have any further questions or comments, please feel free to post them in reply to this article.