On Thu, May 21, 1998 at 01:19:41PM +0800, Adrian Chadd wrote:
When I implemented the forced ident setup, if a user had a static IP, then the ident was passed through. Only if they were a dynamic IP dialup client would the ident be forced.
The idea here is not to provide a username. Its to provide a method of identifying a dialup user, in a way that doesn't change with each login. Since most things already query ident, then why not go this path and make ident 'trusted' on dynamic IP NAS connections?
Ok, I almost like this. The only problem I can see is when the dynamic dialup user is still a linux box... but in that case, the administative control _still_ vests in the subscriber. How about: proxy intercept the ident port and return something based on the dialup ID unless a) the port is a static connection or b) the user has specifically requested to do their own identing. Now, it would be nice to be able to tag which idents come from the proxy and which don't... but we're getting into signed-identd territory now. Cheers, -- jra -- Jay R. Ashworth jra@baylink.com Member of the Technical Staff Unsolicited Commercial Emailers Sued The Suncoast Freenet "Two words: Darth Doogie." -- Jason Colby, Tampa Bay, Florida on alt.fan.heinlein +1 813 790 7592 Managing Editor, Top Of The Key sports e-zine ------------ http://www.totk.com