Red Hat Bugzilla – Bug 70131
pidentd's default of encrypt on is bad
Last modified: 2015-01-07 18:58:19 EST
From Bugzilla Helper:
User-Agent: Mozilla/5.0 Galeon/1.2.5 (X11; Linux i686; U;) Gecko/20020712
Description of problem:
If I leave /etc/identd.conf unmodified it will randomly cause problems when
trying to connect to irc servers. Below is output from Xchat when it happened
just a minute ago.
Looking up irc.openprojects.net..
Connecting to sendak.openprojects.net (220.127.116.11) port 6667..
Connected. Now logging in..
AUTH :*** Looking up your hostname...
AUTH :*** Checking ident
AUTH :*** Found your hostname
AUTH :*** Got ident response
Closing Link: Chaos (Invalid username [[d/j6hCO1l])
Disconnected (Remote host closed socket).
If I comment out the lines below in /etc/identd.conf I don't ever have this problem.
result:encrypt = yes
encrypt:key-file = "/etc/identd.key"
This has been a problem since at least 7.2.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. Install pidentd and Xchat
2. service identd start
3. Start Xchat
4. Connect to an irc server repeatedly
Actual Results: Sometimes it will complain about invalid username
Expected Results: For it to never complain about the username.
The IRC server makes an invalid assumption (that it gets the userid). Not a bug
in the package, and not something I want to change - the current way preserves
privacy while still allowing it to function (since the sysadmin can map the key
from the person complaining to a user on his system).