Re: Problem with ppp-2.3.3-5 and authentication

To: James Whitwell <whitwell@pams.com.au>
Cc: debian-user@lists.debian.org
Subject: Re: Problem with ppp-2.3.3-5 and authentication
From: Bill Leach <bleach@bellsouth.net>
Date: Fri, 8 May 1998 12:00:05 -0400
Message-id: <[🔎] 19980508120005.C1888@gandalf>
In-reply-to: <[🔎] m0yXK1p-000kWQC@outshined.pams.com.au>; from James Whitwell on Thu, May 07, 1998 at 04:17:11PM +1100
References: <[🔎] m0yXK1p-000kWQC@outshined.pams.com.au>

Sorry about the delay in responding James, we had a 'significant'
storm roll through yesterday...

I don't know the mechanism for how the authentication actually
takes place for PAP but it looks to me as though you are either
asking for or giving the 'null string' as a password for any
user at <hostname>.

The format for the entries is (AFAIK):
<user> <hostname> <secret> [<ip address(es)>]

>From the ppp manpage, it looks as though there are several ways
that figuring out the correct hostname for the remote system 
could get fouled up.  Also, <user> could either be from the
'user' option or just be the hostname of your system.

I don't think that there is any interaction between PAP or
CHAP and your account password (as in /etc/passwd).

On Thu, May 07, 1998 at 04:17:11PM +1100, James Whitwell wrote:
> On 6/5/98 1:18 AM Bill Leach wrote:
> >My question would be, if Mr. Whitwell's machine is using PAP, are the
> >entries in the ppp/pap-secrets file correct?  AFAIK for the PAP
> >authentication to work (I don't use PAP but have used CHAP), the
> >Username, password, and IP address (or address range) have to match.
> 
> [Mr. Whitwell speaks]
> 
> I think they're OK.  In "/etc/ppp/pap-secrets" I have:
> 
> *    <hostname>     ""
> 
> which the installation script put in, and which I haven't changed 
> (<hostname> is, of course, the name of the machine being dialed-up).

Do you mean 'dialing in' to this machine or being 'dialed-up' BY this
machine?  (I originally thought the former, also supported by the
following lines)

> I basically haven't changed anything from the default mgetty and ppp 
> install.
> 
> In "/etc/ppp/options", I uncommented an "ms-dns" line and added our DNS.
> 
> I copied "/etc/options.ttyXX" to "/etc/ppp/options.ttyS1" and changed it 
> to read "<hostname>:<serial-port-ip>".  Both of these are in our DNS.
> 
> In "/etc/mgetty/login.config" I have:
> 
> /AutoPPP/ - a_ppp /usr/sbin/pppd auth -chap +pap login
> 
> which is unchanged from the installation (I don't seem to be having any 
> problems with mgetty in any case).
> 
> The client machines (that dial the Linux box) are a mix of Mac (running 
> OT/PPP 1.0.1) and Windows 95 machines.  Both have worked before with the 
> previous ppp (I think it was 2.2.0-f-<mumblemumble>).
> 
> 
> Can anyone see anything that I've missed.  I'd be thankful for any 
> further comments anyone can make.

The only thing that I can see that appears wrong to me is that there
actually is no secret in your pap-secrets file.

-- 
best,
-bill
                bleach@BellSouth.net
           b.leach@usa.net  LinuxPC@Hotmail.com
from a 1996 Micro$loth ad campaign:
"The less you know about computers the more you want Micro$oft!"
         See!  They do get some things right!


--
To UNSUBSCRIBE, email to debian-user-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to:

References:
- Re: Problem with ppp-2.3.3-5 and authentication
  - From: James Whitwell <whitwell@pams.com.au>

Prev by Date: smail without relay
Next by Date: Re: Debian install an 'borrowed' PC for trial
Previous by thread: Re: Problem with ppp-2.3.3-5 and authentication
Next by thread: Re: Problem with ppp-2.3.3-5 and authentication
Index(es):
- Date
- Thread