RE: PPPD n VPNS: Preventing simultaneous logins
I would use radius myself. The reason for my choice is that
you can use radius to prevent things such as multiple logins
and also set other connection attributes, but also because
you can authenticate from almost anything using radius. There
are modules for most servers to allow auth against ldap, passwd
text, sql and many others.
cheers,
Shane
> I've installed a poptop based VPN and now I need some
>way to prevent that
>the same account can be used to establish simultaneous
>connections (VPN
>sessions) to the server. Using fixed addresses is not an
>option, it's not
>possible.
>
> The first thing I thought was grepping the 'ps axuw'
>command inside ip-up
>scripts to see if this account is already running pppd, but it's not
>possible since: 1. pppd runs suid root so I cannot
>differentiate between
>different running pppds, 2. ip-up scripts doesn't get login
>information,
>just enough to set up some routes. And even if it worked it
>wouldn't be an
>elegant solution.
>
> Searching the web I found that radius has ways to
>prevent this (apt-cache
>show yardradius). But before getting inside this I thought that it'd
>better to get some advice.
>
> Should I use radius, ldap or another authentication
>mecanism? Which one?
>and, Is there another way to achieve this?
>
> Thanks in advance to everyone and sorry for the yes or
>no questions, my
>english is not that good. :)
>
>--
>Claudio M.
>
>
>
>--
>To UNSUBSCRIBE, email to debian-isp-request@lists.debian.org
>with a subject of "unsubscribe". Trouble? Contact
>listmaster@lists.debian.org
>
>
Reply to: