Date: Tue, 09 Nov 1999 21:01:28 +0000 From: Brian Somers <brian@Awfulhak.org> To: Wolfram Schneider <wosch@cs.tu-berlin.de>, Sabrina Minshall <sabrina@accesscom.com> Cc: brian@freebsd.org, questions@freebsd.org Subject: Re: [sabrina@accesscom.com: PPP and RADIUS] Message-ID: <199911092101.VAA03427@hak.lan.Awfulhak.org> In-Reply-To: Message from Wolfram Schneider <wosch@cs.tu-berlin.de> of "Tue, 09 Nov 1999 19:45:07 %2B0100." <19991109194507.A15334@freno.cs.tu-berlin.de>
next in thread | previous in thread | raw e-mail | index | archive | help
> ----- Forwarded message from Sabrina Minshall <sabrina@accesscom.com> ----- > From: Sabrina Minshall <sabrina@accesscom.com> > Subject: PPP and RADIUS > To: wosch@freebsd.org > Date: Tue, 9 Nov 1999 09:51:52 -0800 (PST) > Cc: sabrina@accesscom.com > > Hi Wolfram, > I'm trying to understand how unix style password works on a PPP server. > Suppose a dialup client initates a PPP session with a server and > negotiates the auth. to be either PAP or CHAP, then can the PPP server > use the local /etc/passwd file to validate the response? Or only PAP > (and not CHAP) will work in this case where /etc/passwd file is used? Yes, that is, if you ``enable passwdauth'' or set a users password to ``*'' in ppp.secret, *and* if you ``enable pap'', ppp will simply encrypt the password provided and compare it against the encrypted /etc/passwd entry. If you also enable *chap, the user may chose that instead of pap though, so be careful - ``*'' is an easy password to guess (ie, don't use ``*'' in ppp.secret if you enable chap). > Appreciate any help. > > > Sabrina [.....] > -- > Wolfram Schneider <wosch@freebsd.org> http://wolfram.schneider.org -- Brian <brian@Awfulhak.org> <brian@FreeBSD.org> <http://www.Awfulhak.org> <brian@OpenBSD.org> Don't _EVER_ lose your sense of humour ! <brian@FreeBSD.org.uk> To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199911092101.VAA03427>