FINGERD(8)              OpenBSD System Manager's Manual             FINGERD(8)


     fingerd - remote user information server


     fingerd [-lMmpSsu] [-P filename]


     fingerd implements a simple protocol based on RFC 1288 that provides an
     interface to the Name and Finger programs at several network sites.  The
     program is supposed to return a friendly, human-oriented status report on
     either the system at the moment or a particular person in depth.  There
     is no required format and the protocol consists mostly of specifying a
     single ``command line''.

     fingerd is started by inetd(8), which listens for TCP requests at port
     79.  Once connected it reads a single command line terminated by a <CRLF>
     which is passed to finger(1).  fingerd closes its connections as soon as
     the output is finished.

     If the line is null (i.e., just a <CRLF> is sent) then finger(1) returns
     a ``default'' report that lists all people logged into the system at that

     If a user name is specified (e.g., eric<CRLF>) then the response lists
     more extended information for only that particular user, whether logged
     in or not.  Allowable ``names'' in the command line include both ``login
     names'' and ``user names''.  If a name is ambiguous, all possible
     derivations are returned.

     The following options may be passed to fingerd as server program
     arguments in /etc/inetd.conf:

     -l      Enable logging.  The name of the host originating the query and
             the actual request is reported via syslog(3) at LOG_NOTICE
             priority.  A request of the form `/W' or `/w' will return long
             output.  Empty requests will return all currently logged in
             users.  All other requests look for specific users.  See RFC 1288
             for details.

     -M      Enables matching of user names.  This is disabled by default if
             the system is running YP.

     -m      Prevent matching of user names.  User is usually a login name;
             however, matching will also be done on the users' real names,
             unless the -m option is supplied.

     -P filename
             Use an alternate program as the local information provider.  The
             default local program executed by fingerd is finger(1).  By
             specifying a customized local server, this option allows a system
             manager to have more control over what information is provided to
             remote sites.

     -p      Prevents finger(1) from displaying the contents of the ``.plan''
             and ``.project'' files.

     -S      Prints user information in short mode, one line per user.  This
             overrides the ``Whois switch'' that may be passed in from the
             remote client.

     -s      Enable secure mode.  Forwarding of queries to other remote hosts
             is denied.

     -u      Queries without a user name are rejected.


     finger(1), inetd(8)


     The fingerd command appeared in 4.3BSD.


     Connecting directly to the server from a TIP or an equally narrow-minded
     TELNET-protocol user program can result in meaningless attempts at option
     negotiation being sent to the server, which will foul up the command line
     interpretation.  fingerd should be taught to filter out IAC's and perhaps
     even respond negatively (IAC WON'T) to all option commands received.

OpenBSD 5.4                   September 25, 2007                   OpenBSD 5.4

[Unix Hosting | Open-Source | Contact Us]
[Engineering & Automation | Software Development | Server Applications]