PPPD n VPNS: Preventing simultaneous logins
I've installed a poptop based VPN and now I need some way to prevent that
the same account can be used to establish simultaneous connections (VPN
sessions) to the server. Using fixed addresses is not an option, it's not
possible.
The first thing I thought was grepping the 'ps axuw' command inside ip-up
scripts to see if this account is already running pppd, but it's not
possible since: 1. pppd runs suid root so I cannot differentiate between
different running pppds, 2. ip-up scripts doesn't get login information,
just enough to set up some routes. And even if it worked it wouldn't be an
elegant solution.
Searching the web I found that radius has ways to prevent this (apt-cache
show yardradius). But before getting inside this I thought that it'd
better to get some advice.
Should I use radius, ldap or another authentication mecanism? Which one?
and, Is there another way to achieve this?
Thanks in advance to everyone and sorry for the yes or no questions, my
english is not that good. :)
--
Claudio M.
Reply to: