On Tue, 17 Aug 1999, Paul Mackerras wrote:
> Catalin BOIE <[EMAIL PROTECTED]> wrote:
>
> > If I ran pppd-2.3.8 from shell, it gives me:
> > sent [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0xe0361859> <pcomp> <accomp>]
> > but pppd-2.3.9 gives me:
> > sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth pap> <magic 0x73fe202b> <pcomp>
><accomp>]
> >
> > As you can see, PAP is not an option in 2.3.9. It's enabled by default!
>
> Probably you have a default route already. If you have a default
Yes, I have. We are ISP.
> route, pppd requires the peer to authenticate itself. The point is
Yes, I agree. But a user can login first, and then run pppd. It is
authenticated! He/she don't need pap!
pppd 2.3.9+cb4 started by co, uid 541
Punctul 2 (u=co)
Using interface ppp20
Connect: ppp20 <--> /dev/ttyC23
sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth pap> <magic 0x73fe202b> <pcomp> <accomp>]
rcvd [LCP ConfReq id=0x1 <asyncmap 0x20a0000> <magic 0x8575c2e8> <pcomp> <accomp>]
sent [LCP ConfAck id=0x1 <asyncmap 0x20a0000> <magic 0x8575c2e8> <pcomp> <accomp>]
rcvd [LCP ConfAck id=0x1 <asyncmap 0x0> <auth pap> <magic 0x73fe202b> <pcomp> <accomp>]
rcvd [PAP AuthReq id=0x1 user="linux" password=<hidden>]
sent [PAP AuthAck id=0x1 "Login ok"]
... (the user connects ok)
Pay atention here!
The "linux" user don't even exist in my /etc/passwd file!!!
And pppd says that the login it's ok!
This log is after i ask user "co" to put "* * "" *" in
/etc/ppp/pap-secrets.
Without it I get "peer refuse to authenticate" in my logs.
The point is that if a user login in my system with "Terminal window"
using win95 and enters the username, password and after that press "F7",
it's not necesary to auth again with PAP. Anyway, if the username and
password are wrong, a user still can login. pppd-2.3.9 want PAP but if a
user is authenticated already, it ignores the username and the password.
> that if you already have a route to a particular IP address, pppd will
> only let the peer use that address if it has authenticated itself. A
> default route is a route to every IP address, so if you have a default
> route, the peer can't use any IP address without authenticating
> itself.
>
> If you are using pppd to connect to an ISP, it is almost always
> because you don't have a connection to the internet already. :-)
> In that case, you should not have a default route, and then pppd won't
> ask your ISP to authenticate itself. If you have a default route
> which can't get you to any IP address on the internet, then your setup
> is broken.
>
> To check if you have a default route, do `route -n'.
>
> Paul.
>
-
To unsubscribe from this list: send the line "unsubscribe linux-ppp" in
the body of a message to [EMAIL PROTECTED]
