On Tue, Apr 30, 2002 at 12:03:09PM -0400, Derek J. Balling wrote:
> >I don't think you should have any patching to do. :) The home page
> >for poptop is at http://www.poptop.org.
> Not unless the packaged pptpd/ppp has something else, from the poptop.org
> page:
> # Available PPPD patch allows Windows compatible encryption and
> authentication (MSCHAPv2 and MPPE 40-128 bit RC4 encryption)
You're right.. (I guess you do want to encrypt to a Windows box, so
make sure you're using full strength RC4.. 40 bit keys can be brute
forced).
According to the poptop FAQ:
3.0 PPP (and MSCHAPv2/MPPE) Installation
It is only necessary to use PPP 2.3.8 if you want Microsoft compatible
MSCHAPv2/MPPE authentication and encryption. The reason for this is that
the MSCHAPv2/MPPE patch currently supplied (19990813) is against PPP
2.3.8. If you don't need Microsoft compatible authentication/encryption
any 2.3.x PPP source will be fine.
[...]
The instructions look like you need to make a kernel module.
> So it seems like theres SOMETHING I need to add to pppd to get
> encryption to work with it, and (from my reading) it seems like
> there's a patch that also needs to go in the kernel to make that pppd
> change work as well.
Out of curiousity, why PPTP? Why not IPSec? There's better compatibility
with IPSec (FreeSWAN), and it looks like poptop hasn't been updated in a
long time (since 1999). Also, Win2K and I think (don't quote me on this)
WinXP have builtin IPSec support.
-Anne
--
.-"".__."``". Anne Carasik, System Administrator
.-.--. _...' (/) (/) ``' gator@cacr.caltech.edu
(O/ O) \-' ` -="""=. ', Center for Advanced Computing Research
~`~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Attachment:
pgpnpM62mpwJk.pgp
Description: PGP signature