Bug#126406: kppp: Alternative for using noauth as suggested by README

[Dominique Devriese <dominique.devriese@student.kuleuven.ac.be>]

Ernst Kloppenburg writes:

> Hello,
> On Thu, Apr 15, 2004 at 09:18:20 +0200, Dominique Devriese wrote:
>> Ernst Kloppenburg writes:
>>
>> > Package: kppp Version: 4:3.1.5-1 Severity: normal Followup-For:
>> > Bug #126406
>>
>> > as the original bug reporter says,
>> > /usr/share/doc/kppp/README.Debian gives the very questionable
>> > advice to set "noauth" in /etc/ppp/options
>>
>> Are you sure that you know what this option does ?  It does not
>> mean that all users are allowed to change ppp settings.  It means
>> that the ppp client does not try to check the authentication of the
>> ppp server of your ISP.  Quite a lot of ISPs have broken
>> authentication configs on their servers, because windows clients
>> never check them anyway.

> I think I clearly understand the noauth option:
> - if noauth is given, your pppd does not require the ppp server of the
>   ISP to authenticate (which would not be possible)
> - there is a second case, where noauth applies: when somebody dials
>   into your machine (which may be wanted or not).

> It is for this second case, that putting 'noauth' into the options
> file is not recommended.

> Therefore, normally all provider configurations in /etc/ppp/peers do
> contain 'noauth'.

> Putting noauth into the kppp configuration normally is not possible,
> because noauth is a privileged option. This is solved by 'privgroup
> dip'.

Oh, I see.  Then shouldn't this bug be reassigned to the ppp package ?

cheers
domi