Bug#126406: kppp: Alternative for using noauth as suggested by README
Ernst Kloppenburg writes:
> Hello,
> On Thu, Apr 15, 2004 at 09:18:20 +0200, Dominique Devriese wrote:
>> Ernst Kloppenburg writes:
>>
>> > Package: kppp Version: 4:3.1.5-1 Severity: normal Followup-For:
>> > Bug #126406
>>
>> > as the original bug reporter says,
>> > /usr/share/doc/kppp/README.Debian gives the very questionable
>> > advice to set "noauth" in /etc/ppp/options
>>
>> Are you sure that you know what this option does ? It does not
>> mean that all users are allowed to change ppp settings. It means
>> that the ppp client does not try to check the authentication of the
>> ppp server of your ISP. Quite a lot of ISPs have broken
>> authentication configs on their servers, because windows clients
>> never check them anyway.
> I think I clearly understand the noauth option:
> - if noauth is given, your pppd does not require the ppp server of the
> ISP to authenticate (which would not be possible)
> - there is a second case, where noauth applies: when somebody dials
> into your machine (which may be wanted or not).
> It is for this second case, that putting 'noauth' into the options
> file is not recommended.
> Therefore, normally all provider configurations in /etc/ppp/peers do
> contain 'noauth'.
> Putting noauth into the kppp configuration normally is not possible,
> because noauth is a privileged option. This is solved by 'privgroup
> dip'.
Oh, I see. Then shouldn't this bug be reassigned to the ppp package ?
cheers
domi
Reply to: