Using finger and chfn

Using finger and chfn

In the Unix environment, you are able to use a tool called finger to list user information. Although this is a dangerous command to leave unsecured, it's helpful to some degree. Most times, finger is disabled because if left open and unmanaged, it can be exploited. For this reason, we will not spend too much time on finger; you most likely may not even be able to use it on your system. If you can, you will see that in cases in which no other way to list information is available (like an email or messaging application), finger does the job quite nicely.

How does finger work? To put it in simple terms, information about each user's physical address is stored as part of the user's system password file when populating the finger database; this means that it is possible to retrieve information about each user from the finger databaseit's that easy. If you are performing finger on your own system (by typing finger and pressing Enter), you should see a summary detailing your login, name, login time, and where you are logged in from.

If you use finger on your own system and do not get the information you desire, you only need to populate the appropriate fields, thus completing the information. Remember, though, this information can be publicly accessed. In order to change the information, you'll need to use chfn, which is discussed later in the lesson.

Using the finger command is simple. Just enter finger <username> to get information about a user who is local to your system. To get information about someone on a remote system, try entering the following: finger <username>@<remote host>. Depending on the type of remote host and how the remote host is configured, this command might or might not work.

Let's look at the following example:

 rshimonski@UNIX1>finger Login: Name:           Idle: Login Time: Where: rob ___Rob Shimonski___-____Fri 18:23  Console 

This is the finger information returned about my personal account. As you can see, there isn't much here other than my login name, my user account name (full name here), my status, the time I logged in, and the location from where I logged in. This is all that is returned because I have not yet set any other personal information. In the next section, we will learn to use the chfn command to add more information to an account. You will only be able to add this information if you are working in a lab environment or have permission to do so (that is, if your system even continues to use finger in the first place).

Finger Is Normally Disabled As previously mentioned, finger is usually disabled on most Unix systems. Most system administrators who audit their Unix systems for security holes consider this particular protocol to be exploitable, so many times, they disable this function.

Using chfn

The chfn command runs an interactive process that enables you to set more personal information into your account. That way, when you run finger, you can get more detail. Run chfn on a command line without any options, as follows:

 >chfn Changing finger information for rob. Password: ***** Enter the new value, or press ENTER for the default Full Name: Robert Shimonski Room Number: 13 Work Phone: (212)123-4567 Home Phone: (212)234-5678 Other: 0 Finger information changed. 

Once you see "Finger information changed," you can run finger again and view the changes that you made. Again, although this command is helpful, it's not often used in light of today's messaging applications and portable databases that can be accessed using mobile phones, pocket PCs, and so on.

So now that you know how to change your shell and alter your password and personal information, let's turn our attention to monitoring your Unix system. In the next section, we will cover a few commands that can help you manage Unix. They are date, uptime, and who.