Gritty's Blog

antenna

Background

Not a lot of folks use the finger command or protocol these days; however, I've been delving into the #smallweb / smolweb (i.e., the Gemini Protocol) for the past year and noticed a few people have revived this ancient protocol for status updates. I figured I'd give it a shot, and I thought it would be simple, but the lack of guidance really hindered me for a bit.

If you're wondering, efingerd / fingerd (the original) simply enables people outside of your own linux machine to use the finger command, just remotely.

Installing

Finger / efingerd is not installed on Ubuntu 22.10 by default so you have to install it:

$ sudo apt-get install finger
$ sudo apt-get install efingerd

Other finger daemons

This post only goes over efingerd, but if you want to see what other finger daemons are available:

$ apt search fingerd

Enabling efingerd

On Ubuntu 22.10, the install script should automatically update your /etc/inetd.conf file with the necessary configuration. One thing I learned is that these old programs are launched by another wrapper daemon, namely tcpd. I really tried getting cfingerd to work with systemd, xinetd, and inetd, but I kept getting errors, so I went with efingerd in the end.

If you check out /etc/inetd.conf, you'll see this line added:

:INFO: Info services
finger   stream  tcp  nowait   efingerd  /usr/sbin/tcpd   /usr/sbin/efingerd 

which I edited to:

:INFO: Info services
finger   stream  tcp  nowait   root  /usr/sbin/tcpd   /usr/sbin/efingerd -u -t 5  
  • -u prevents users from using the executable ~/.efingerd file
  • -t 5 sets the connection timeout
  • I also changed user to root (which most other finger daemons run as) so that each user's home directory could be read by the bash scripts, otherwise the user efingerd can't see into those.

Enabling the Service

$ sudo systemctl inetd restart

Checking the service

$ sudo journalctl -f -u inetd

and

$ sudo systemctl status inetd

Configuring efingerd

make all files in /etc/efingerd executeable

sudo chmod +x /etc/efingerd/

edit them – there are a few test commands in there... check out the manpage for what they do

I pretty much got rid of everything (finger shows users logged in and their IP addresses) and crafted my own scripts inside the files to read the user's directory for the .plan, .project. and .pgpkey files, and display them if they exist.

Open port in firewall

$ sudo ufw enable 79/tcp

Testing efingerd

try to finger your server:

finger @<your server>

(responds with whatever is in “list”)

and

finger <user>@<your server>

(responds with whatever is in “luser”)

Addendum – happynetbox

I reached out to the owner of happynetbox [1], a web front-end to finger where you can sign up for your own account and have a finger account purely through the web. I found this site because of ~ruario's posting on #antenna where they were testing if antenna would allow a finger:// submission. Anyways, the owner responded to me and said they used a Node project on github as a baseline for that entire site, which, might actally be easier than setting up 30 year old finger programs on today's systems. The site can be found here: * Simple Node.js finger server * Happynetbox