PPPD n VPNS: Preventing simultaneous logins

To: debian-isp@lists.debian.org
Subject: PPPD n VPNS: Preventing simultaneous logins
From: Koba <koba@koba.com.ar>
Date: Sat, 30 Aug 2003 13:45:42 -0300
Message-id: <[🔎] oprup8ug05bil2qs@mail.koba.com.ar>

I've installed a poptop based VPN and now I need some way to prevent thatthe same account can be used to establish simultaneous connections (VPNsessions) to the server. Using fixed addresses is not an option, it's notpossible.

The first thing I thought was grepping the 'ps axuw' command inside ip-upscripts to see if this account is already running pppd, but it's notpossible since: 1. pppd runs suid root so I cannot differentiate betweendifferent running pppds, 2. ip-up scripts doesn't get login information,just enough to set up some routes. And even if it worked it wouldn't be anelegant solution.

Searching the web I found that radius has ways to prevent this (apt-cacheshow yardradius). But before getting inside this I thought that it'dbetter to get some advice.

Should I use radius, ldap or another authentication mecanism? Which one?and, Is there another way to achieve this?

Thanks in advance to everyone and sorry for the yes or no questions, myenglish is not that good. :)


--
Claudio M.

Reply to:

Follow-Ups:
- RE: PPPD n VPNS: Preventing simultaneous logins
  - From: "Shane Chrisp" <shane@2000cn.com.au>

Prev by Date: RE: PPPD n VPNS: Preventing simultaneous logins
Next by Date: squid one time redirection
Previous by thread: Radius Analysis Tools
Next by thread: RE: PPPD n VPNS: Preventing simultaneous logins
Index(es):
- Date
- Thread