OpenBSD manual page server

Manual Page Search Parameters

FINGERD(8) System Manager's Manual FINGERD(8)

fingerdremote user information server

fingerd [-lMmpSsu] [-P filename]

fingerd implements a simple protocol based on RFC 1288 that provides an interface to the Name and Finger programs at several network sites. The program is supposed to return a friendly, human-oriented status report on either the system at the moment or a particular person in depth. There is no required format and the protocol consists mostly of specifying a single “command line”.

fingerd is started by inetd(8), which listens for TCP requests at port 79. Once connected it reads a single command line terminated by a ⟨CRLF⟩ which is passed to finger(1). fingerd closes its connections as soon as the output is finished.

If the line is null (i.e., just a ⟨CRLF⟩ is sent) then finger(1) returns a “default” report that lists all people logged into the system at that moment.

If a user name is specified (e.g., eric⟨CRLF⟩) then the response lists more extended information for only that particular user, whether logged in or not. Allowable “names” in the command line include both “login names” and “user names”. If a name is ambiguous, all possible derivations are returned.

The following options may be passed to fingerd as server program arguments in /etc/inetd.conf:

Enable logging. The name of the host originating the query and the actual request is reported via syslog(3) at LOG_NOTICE priority. A request of the form ‘/W’ or ‘/w’ will return long output. Empty requests will return all currently logged in users. All other requests look for specific users. See RFC 1288 for details.
Enables matching of user names. This is disabled by default if the system is running YP.
Prevent matching of user names. User is usually a login name; however, matching will also be done on the users' real names, unless the -m option is supplied.
filename
Use an alternate program as the local information provider. The default local program executed by fingerd is finger(1). By specifying a customized local server, this option allows a system manager to have more control over what information is provided to remote sites.
Prevents finger(1) from displaying the contents of the “.plan” and “.project” files.
Prints user information in short mode, one line per user. This overrides the “Whois switch” that may be passed in from the remote client.
Enable secure mode. Forwarding of queries to other remote hosts is denied.
Queries without a user name are rejected.

finger(1), inetd(8)

The fingerd command appeared in 4.3BSD.

Connecting directly to the server from a TIP or an equally narrow-minded TELNET-protocol user program can result in meaningless attempts at option negotiation being sent to the server, which will foul up the command line interpretation. fingerd should be taught to filter out IAC's and perhaps even respond negatively (IAC WON'T) to all option commands received.

September 25, 2007 OpenBSD-5.4