PAP authentication server names
Thanks to Tim, Joost and Carey for the callback suggestions. I guess the
log contains the server's innocent reflection of the login name (which is
secret) and to change this would require a change in the way mgetty's
callback worked. BTW I don't have HANGUP in my man chat, so I guess I'm
slightly behind the current version.
A related question:
I'm trying to set up PPP with reasonably secure PAP authentication, and
I'm using AutoPPP in mgetty. I have worked out how to set user= and
password= at both ends with mgetty/login.config, my pppd command and
pap-secrets; and the etc/passwd checks it ok.
But I don't really understand how the second field of pap-secrets works
at all. The file installed by ppp has
# INBOUND
* os ""
#OUTBOUND
os * password
and I added
pppppppp * password-for-pppppppp
which works if there's a user pppppppp with password password-for-pppppppp
on the computer at the other end.
I don't really understand what "os" means in the first line. The
documentation implies it ought to be the local name, but I don't
knowingly have anything set to os. And anyway, nothing changes if I
comment out this line.
On the other hand, I've had no success at making a connection if my added
line has anything other than * in the second field. I've tried
appropriate hostnames and usernames in
that position, and I've also tried putting foo there and adding
remotename foo to the pppd command line but if it's not * then no PAP is
sent from this end.
What do other people have in their pap-secrets? (without revealing any
real secrets!)
--
David Wright, Open University, Earth Science Department, Milton Keynes MK7 6AA
U.K. email: d.wright@open.ac.uk tel: +44 1908 653 739 fax: +44 1908 655 151
--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-user-request@lists.debian.org .
Trouble? e-mail to templin@bucknell.edu .
Reply to: