I'm trying to set up pppd (version 2.3.11) to authenticate dial-in users with our Novell 3.12 server.

I'm using the pam_ncp_auth module that is part of ncpfs-2.2.0.17.

AutoPPP works fine for users that have a unix account and use their unix ID and password, but does not work for users that don't have a unix account or use their Novell password, not their unix.

The sequence of events, as I understand it, is thus...

User dials in and mgetty fires up pppd as root but stores pppuser in wtmp for who.

pppd attaches itself to ttyS0 and does an LCP then a PAP; once authenticated it starts the protocols, in this case IPX and IP. The session runs until the user drops the call, then pppd quits.

From /usr/local/etc/mgetty+sendfax/login.config

...
/AutoPPP/ - pppuser /usr/sbin/pppd
...

Because of the dash (-) pppd is run as root and connected to the ttyS0 that this mgetty is running from.

From /etc/inittab

...
S0:3:respawn:/usr/local/sbin/mgetty -D -x2 /dev/ttyS0
....

From /var/log/debug, output of pppd's debug option

Mar 3 13:15:46 dogger pppd[5000]: sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth pap> <magic 0xffff1911> <pcomp> <accomp>]
Mar 3 13:15:49 dogger pppd[5000]: rcvd [LCP ConfReq id=0x5 <asyncmap 0xa0000> <magic 0x2920f3> <pcomp> <accomp>]
Mar 3 13:15:49 dogger pppd[5000]: sent [LCP ConfAck id=0x5 <asyncmap 0xa0000> <magic 0x2920f3> <pcomp> <accomp>]
Mar 3 13:15:49 dogger pppd[5000]: sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth pap> <magic 0xffff1911> <pcomp> <accomp>]
Mar 3 13:15:49 dogger pppd[5000]: rcvd [LCP ConfAck id=0x1 <asyncmap 0x0> <auth pap> <magic 0xffff1911> <pcomp> <accomp>]
Mar 3 13:15:52 dogger pppd[5000]: rcvd [PAP AuthReq id=0x2 user="phil" password="NovellPW"]
Mar 3 13:16:43 dogger pppd[5000]: sent [PAP AuthAck id=0x2 "Success"]
Mar 3 13:16:43 dogger pppd[5000]: sent [IPCP ConfReq id=0x1 <addr 172.16.1.21> <compress VJ 0f 01>]
Mar 3 13:16:43 dogger pppd[5000]: sent [IPXCP ConfReq id=0x1 <network 666> <node 000000000001>]
Mar 3 13:16:43 dogger pppd[5000]: sent [LCP TermReq id=0x2 "User request"]

And in system log /var/log/messages

Mar 3 13:15:46 dogger pppd[5000]: pppd 2.3.11 started by pppuser, uid 0
Mar 3 13:15:46 dogger pppd[5000]: Using interface ppp0
Mar 3 13:15:46 dogger pppd[5000]: Connect: ppp0 <--> /dev/ttyS0
Mar 3 13:15:52 dogger pppd[5540]: Terminating on signal 15.
Mar 3 13:16:43 dogger pppd[5000]: Hangup (SIGHUP)
Mar 3 13:16:43 dogger pppd[5000]: user phil logged in
Mar 3 13:16:43 dogger pppd[5000]: write: warning: Input/output error (5)
Mar 3 13:16:43 dogger last message repeated 3 times
Mar 3 13:16:43 dogger pppd[5000]: Modem hangup
Mar 3 13:16:43 dogger PAM_pwdb[5000]: 1 authentication failure; pppuser(uid=0) -> phil for ppp service
Mar 3 13:16:43 dogger pppd[5000]: Connection terminated.
Mar 3 13:16:43 dogger pppd[5000]: Connect time 1.0 minutes.
Mar 3 13:16:43 dogger pppd[5000]: Sent 236 bytes, received 457 bytes.
Mar 3 13:16:43 dogger pppd[5000]: Exit.
Mar 3 13:16:43 dogger pppd[5540]: Hangup (SIGHUP)

I've looked at the difference in the log files between a unix user and a Novell one; the only one I can see is an entry in messages that says that there is an I/O error. What is this, and what file or device is this with?

Anyone else got this to work?

Any assistance would be appreciated.

Jason.

From /etc/pam.d/ppp

#%PAM-1.0
# Information for the PPPD process with the 'login' option.
auth required /lib/security/pam_nologin.so
auth sufficient /lib/security/pam_pwdb.so shadow nullok
auth required /lib/security/pam_ncp_auth.so -d -q use_first_pass server=NOVELL
account required /lib/security/pam_permit.so
session required /lib/security/pam_permit.so

From /etc/ppp/options.ttyS0

-detach
debug
netmask 255.255.0.0
172.16.1.21:172.16.1.20
ms-dns 172.16.1.11
ms-wins 172.16.1.11
proxyarp
ipx
ipx-node 1:2
ipx-network 666
ipx-routing 2
nodefaultroute
auth
login
-chap
+pap
show-password
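
Added example (not part of the original post): a small Python parser for the pppd debug lines quoted above. It pairs each received PAP AuthReq with the reply pppd sent for the same pid and id to report how long the answer took, and masks the cleartext password that show-password writes to the log. The sample lines are copied from the post; the function names are illustrative.

```python
import re
from datetime import datetime

# Lines copied from the /var/log/debug excerpt in the post.
SAMPLE = """\
Mar 3 13:15:49 dogger pppd[5000]: rcvd [LCP ConfAck id=0x1 <asyncmap 0x0> <auth pap> <magic 0xffff1911> <pcomp> <accomp>]
Mar 3 13:15:52 dogger pppd[5000]: rcvd [PAP AuthReq id=0x2 user="phil" password="NovellPW"]
Mar 3 13:16:43 dogger pppd[5000]: sent [PAP AuthAck id=0x2 "Success"]
Mar 3 13:16:43 dogger pppd[5000]: sent [LCP TermReq id=0x2 "User request"]
"""

# pppd debug line carrying a PAP packet: timestamp, pid, direction, code, id.
LINE = re.compile(
    r'^(\w{3} +\d+ [\d:]{8}) \S+ pppd\[(\d+)\]: (sent|rcvd) '
    r'\[PAP (Auth\w+) id=(0x[0-9a-f]+)(.*)\]$')
USER = re.compile(r'user="([^"]*)"')
PASSWORD = re.compile(r'password="[^"]*"')


def redact(text):
    """Mask PAP passwords before the log is shared or archived."""
    return PASSWORD.sub('password=<hidden>', text)


def pap_latencies(text):
    """Return (user, reply, seconds) for each answered PAP AuthReq."""
    pending, results = {}, []
    for line in text.splitlines():
        m = LINE.match(line)
        if not m:
            continue
        stamp, pid, direction, code, ident, rest = m.groups()
        # Syslog stamps carry no year; a fixed one is assumed (only deltas matter).
        when = datetime.strptime('2000 ' + stamp, '%Y %b %d %H:%M:%S')
        key = (pid, ident)
        if direction == 'rcvd' and code == 'AuthReq':
            user = USER.search(rest)
            pending[key] = (when, user.group(1) if user else None)
        elif direction == 'sent' and key in pending:
            start, user = pending.pop(key)
            results.append((user, code, int((when - start).total_seconds())))
    return results


if __name__ == '__main__':
    for user, reply, secs in pap_latencies(SAMPLE):
        print(f'{user}: {reply} after {secs}s')
    print(redact(SAMPLE))
```

On the quoted lines it reports a 51-second gap between the AuthReq at 13:15:52 and the AuthAck at 13:16:43.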
