IDECRYPT(8)	    UNIX Programmer's Manual	      IDECRYPT(8)


NAME
     idecrypt - Decrypt tokens obtained from identd

SYNOPSIS
     /usr/sbin/idecrypt

DESCRIPTION
     idecrypt is a utility for decrypting the encrypted tokens
     that identd(8) provided instead of usernames when it is run
     in encrypted-token mode (that is, with the -C flag).

     idecrypt reads up to 1024 lines from the /etc/identd.key
     file, converting each line to a DES key using
     des_string_to_key(3).  It then reads standard input, search-
     ing for encrypted tokens in the format produced by
     identd(8), decrypts the tokens if possible, and copies all
     unrecognised text from standard input to standard output
     without modification.

     If more than one key appears in the key file, then identd(8)
     will use the first key for encryption, and idecrypt will
     attempt to use all the keys for decryption.  This allows new
     keys to be used by identd(8) without losing the ability for
     idecrypt to decrypt old tokens (until there are more than
     1024 keys in the key file).

     Each encrypted token consists of 32 base64 characters,
     enclosed in square brackets.  To make it easier to process
     logs generated by versions of tcpd (8) that convert the
     square brackets to underlines, idecrypt permits underline
     characters instead of square brackets in its input.

     idecrypt's output from decrypting each token is a human
     readable string containing the timestamp (displayed as a
     local time in ctime(3) format), the numeric uid, the local
     IP address, the local port number, the remote IP address and
     the remote port number.

EXAMPLE
     Suppose that the local host has IP address 10.2.3.4, the
     local /etc/identd.key file contains

     foobar

     and the local host is running the identd(8) server in
     encrypted-token mode.

     Now, if a local user with uid 501 telnets to a remote host
     with IP address 10.9.8.7, the remote host may choose to make
     an ident query back to the local host, in order to obtain
     some information to be logged for possible use later.  The
     local identd(8) might send the following encrypted token to


Printed 11/24/99	   19 May 1996				1


IDECRYPT(8)	    UNIX Programmer's Manual	      IDECRYPT(8)


     the remote host instead of sending a username:

     [aALdNYxh2496K4DDTel2Nk0Jzj5mRbok]

     If the administrator of the remote host later provides the
     administrator of the local host with a copy of the encrypted
     token, and if the secret key has not been removed from the
     local /etc/identd.key file, then the administrator of the
     local host can run idecrypt and can provide the encrypted
     token in standard input.

     idecrypt will then print the following decrypted informa-
     tion:

     Sun May 19 00:25:23 1996 501 10.2.3.4 2304 10.9.8.7 23

     This represents the time the encrypted token was created,
     the local user id, the local IP address and port number, and
     the remote IP address and port number.

SEE ALSO
     identd(8) tcpd(8)

BUGS
     The handling of fatal errors could be better.


Printed 11/24/99	   19 May 1996				2


 
Generated: 2016-12-26
Generated by man2html V0.25
page hit count: 1430
Valid CSS Valid XHTML 1.0 Strict