Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 09 Nov 1999 21:01:28 +0000
From:      Brian Somers <brian@Awfulhak.org>
To:        Wolfram Schneider <wosch@cs.tu-berlin.de>, Sabrina Minshall <sabrina@accesscom.com>
Cc:        brian@freebsd.org, questions@freebsd.org
Subject:   Re: [sabrina@accesscom.com: PPP and RADIUS] 
Message-ID:  <199911092101.VAA03427@hak.lan.Awfulhak.org>
In-Reply-To: Message from Wolfram Schneider <wosch@cs.tu-berlin.de>  of "Tue, 09 Nov 1999 19:45:07 %2B0100." <19991109194507.A15334@freno.cs.tu-berlin.de>
next in thread | previous in thread | raw e-mail | index | archive | help 
> ----- Forwarded message from Sabrina Minshall <sabrina@accesscom.com> -----
> From: Sabrina Minshall <sabrina@accesscom.com>
> Subject: PPP and RADIUS
> To: wosch@freebsd.org
> Date: Tue, 9 Nov 1999 09:51:52 -0800 (PST)
> Cc: sabrina@accesscom.com
> 
> Hi Wolfram,
>    I'm trying to understand how unix style password works on a PPP server.
>    Suppose a dialup client initates a PPP session with a server and 
>    negotiates the auth. to be either PAP or CHAP, then can the PPP server 
>    use the local /etc/passwd file to validate the response? Or only PAP
>    (and not CHAP) will work in this case where /etc/passwd file is used?

Yes, that is, if you ``enable passwdauth'' or set a users password to 
``*'' in ppp.secret, *and* if you ``enable pap'', ppp will simply 
encrypt the password provided and compare it against the encrypted 
/etc/passwd entry.

If you also enable *chap, the user may chose that instead of pap 
though, so be careful - ``*'' is an easy password to guess (ie, don't 
use ``*'' in ppp.secret if you enable chap).

>    Appreciate any help.
> 
> 
>    Sabrina
[.....]
> -- 
> Wolfram Schneider <wosch@freebsd.org> http://wolfram.schneider.org

-- 
Brian <brian@Awfulhak.org>                        <brian@FreeBSD.org>
      <http://www.Awfulhak.org>;                   <brian@OpenBSD.org>
Don't _EVER_ lose your sense of humour !          <brian@FreeBSD.org.uk>




To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199911092101.VAA03427>