wp | anoopdotnet

From time to time, I find some settings for vi on remote systems that really kind of freak me out. The one I found recently was ‘incsearch’ so I decided to use this opportunity to note down the settings I use on a daily basis. Hope you find some of these useful.


syntax on  
set hlsearch
set incsearch
set ruler
set showmatch


syntax on is pretty obvious. If you’re writing code, it’s pretty smart about highlighting the code so it’s easier to read. It can be odd at first but I find it really useful and after a while, it becomes second nature.

set hlsearch highlights your search terms so they’re easy to see. I like this option a lot. not everyone does.

set incsearch searches as you type. It’s new to me so I’m still getting used to it but I think I can already see some uses for it.

set ruler shows you where your cursor is at all times. I like this option a lot if only to tell me what line number I’m on. set number will also do this but I also find it irritating because it also interferes with my copy/paste habits.

set showmatch is really useful if you’re a coder. If you’ve got somewhat complicated conditional statements or loops, this feature will show you where brackets match so you can find missing brackets and close the proper blocks.

Hope these help. I’ll update these as I find more.

You should know that I only recommend doing this on systems that you ABSOLUTELY trust. If you have any doubt what so ever, do NOT continue.

I never thought i’d actually need this but i ended up actually providing it as a solution for securing database accounts.

To get this working on CentOS 5, I had to do the following

# yum install xinetd authd

authd is an xinetd service and authd is the RFC 1413 identd service

Out of the box, authd comes a little more secure than I expected. It’s not bad but it’s definitely a hindrance for other systems when they don’t know what to send.

/etc/xinetd.d/auth will come by default with

server_args = -t60 --xerror --os -E


This tells inetd to expect the ‘uname’ instead of ‘UNIX’ as the OS name. It’s great that it offers this option but I don’t know if all identd clients need to know what OS it is. You can leave it in if you like. Lastly, it tells identd to encrypt the username and then send it. I’m not sure how many identd clients can handle that.

I changed it to


server_args = -t60 --xerror


start or restart xinetd and you should see 113 listening.

I’m a lazy guy so I can’t be bothered to open more than one connection to a server. You can open two if you prefer.

I login and start tcpdump


tcpdump -i lo -nn "port 113" &
telnet localhost 113


It should show you distinctly what port two ports are involved in the connection you just made.

IP 127.0.0.1.SOURCE_PORT_NUM > 127.0.0.1.113

Next type in “SOURCE_PORT_NUM,113″ and hit Enter. Note that “SOURCE_PORT” here is a NUMBER not actually “SOURCE_PORT”

Amidst all the messy tcpdump output, you should see a line

SOURCE_PORT_NUM , 113 : USERID : UNIX :root

That shows you that identd is working properly. At least locally.

So if you ever find any of this useless knowledge helpful, let me know.

Unix/Linux admins are taught to hate identd because it’s pretty much the least secure protocol but I have to believe that it has a place in an environment that is completely trusted. You don’t have random users logging in or random accounts being created.

I think the overall advantage here is that you can use this to provide an additional layer of security across your trusted enterprise.