Re: Problem with ppp-2.3.3-5 and authentication
If you've already received a response, forgive me--I only receive the digest version of the mailing list. On 6/5/98 1:18 AM Bill Leach wrote: My question would be, if Mr. Whitwell's machine is using PAP, are the entries in the ppp/pap-secrets file correct? AFAIK for the PAP authentication to work (I don't use PAP but have used CHAP), the Username, password, and IP address (or address range) have to match. [Mr. Whitwell speaks] I think they're OK. In /etc/ppp/pap-secrets I have: *hostname The required structure of the pap-secrets file changed slightly in version 2.3.x. You must now add an extra * to the end of the line above, to allow any ip addresses. Buried within the pppd man page: AUTHENTICATION ... ...Any following words on the same line are taken to be a list of acceptable IP addresses for that client. If there are only 3 words on the line, or if the first word is -, then all IP addresses are disallowed. To allow any address, use *. I was burned by the same problem when setting up a ppp server for our lab. - Kevin Squire [EMAIL PROTECTED] Research Student Nakajima Research Laboratory Tokyo Institute of Technology -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Problem with ppp-2.3.3-5 and authentication
Sorry about the delay in responding James, we had a 'significant' storm roll through yesterday... I don't know the mechanism for how the authentication actually takes place for PAP but it looks to me as though you are either asking for or giving the 'null string' as a password for any user at hostname. The format for the entries is (AFAIK): user hostname secret [ip address(es)] From the ppp manpage, it looks as though there are several ways that figuring out the correct hostname for the remote system could get fouled up. Also, user could either be from the 'user' option or just be the hostname of your system. I don't think that there is any interaction between PAP or CHAP and your account password (as in /etc/passwd). On Thu, May 07, 1998 at 04:17:11PM +1100, James Whitwell wrote: On 6/5/98 1:18 AM Bill Leach wrote: My question would be, if Mr. Whitwell's machine is using PAP, are the entries in the ppp/pap-secrets file correct? AFAIK for the PAP authentication to work (I don't use PAP but have used CHAP), the Username, password, and IP address (or address range) have to match. [Mr. Whitwell speaks] I think they're OK. In /etc/ppp/pap-secrets I have: *hostname which the installation script put in, and which I haven't changed (hostname is, of course, the name of the machine being dialed-up). Do you mean 'dialing in' to this machine or being 'dialed-up' BY this machine? (I originally thought the former, also supported by the following lines) I basically haven't changed anything from the default mgetty and ppp install. In /etc/ppp/options, I uncommented an ms-dns line and added our DNS. I copied /etc/options.ttyXX to /etc/ppp/options.ttyS1 and changed it to read hostname:serial-port-ip. Both of these are in our DNS. In /etc/mgetty/login.config I have: /AutoPPP/ - a_ppp /usr/sbin/pppd auth -chap +pap login which is unchanged from the installation (I don't seem to be having any problems with mgetty in any case). The client machines (that dial the Linux box) are a mix of Mac (running OT/PPP 1.0.1) and Windows 95 machines. Both have worked before with the previous ppp (I think it was 2.2.0-f-mumblemumble). Can anyone see anything that I've missed. I'd be thankful for any further comments anyone can make. The only thing that I can see that appears wrong to me is that there actually is no secret in your pap-secrets file. -- best, -bill [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] from a 1996 Micro$loth ad campaign: The less you know about computers the more you want Micro$oft! See! They do get some things right! -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Problem with ppp-2.3.3-5 and authentication
On 6/5/98 1:18 AM Bill Leach wrote: My question would be, if Mr. Whitwell's machine is using PAP, are the entries in the ppp/pap-secrets file correct? AFAIK for the PAP authentication to work (I don't use PAP but have used CHAP), the Username, password, and IP address (or address range) have to match. [Mr. Whitwell speaks] I think they're OK. In /etc/ppp/pap-secrets I have: *hostname which the installation script put in, and which I haven't changed (hostname is, of course, the name of the machine being dialed-up). I basically haven't changed anything from the default mgetty and ppp install. In /etc/ppp/options, I uncommented an ms-dns line and added our DNS. I copied /etc/options.ttyXX to /etc/ppp/options.ttyS1 and changed it to read hostname:serial-port-ip. Both of these are in our DNS. In /etc/mgetty/login.config I have: /AutoPPP/ - a_ppp /usr/sbin/pppd auth -chap +pap login which is unchanged from the installation (I don't seem to be having any problems with mgetty in any case). The client machines (that dial the Linux box) are a mix of Mac (running OT/PPP 1.0.1) and Windows 95 machines. Both have worked before with the previous ppp (I think it was 2.2.0-f-mumblemumble). Can anyone see anything that I've missed. I'd be thankful for any further comments anyone can make. Thanks, James Whitwell -- Programmer - Pacific Advanced Media / ActiveAudio Pty Ltd 29 Albany Street, Crows Nest 2065, Sydney, New South Wales, Australia Ph: 61-2-4398700; Fax: 61-2-4395486. Web: http://www.pams.com.au/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Problem with ppp-2.3.3-5 and authentication
Dear All, I've only just joined this list, so I don't know if this has been discussed before. I'm using ppp-2.3.3-5 and mgetty-1.1.14-1 to run a one-modem dialup. Everything works just fine until pppd goes to verify the username/password, which always fails with PAP authentication failure for username. I've verified the username/password and they're valid. Can someone give me some pointers on where to look next or what the problem might be? Thanks, -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Problem with ppp-2.3.3-5 and authentication
Dear All, I've only just joined this list, so I don't know if this has been discussed before. I'm using ppp-2.3.3-5 and mgetty-1.1.14-1 to run a one-modem dialup. Everything works just fine until pppd goes to verify the username/password, which always fails with PAP authentication failure for username. I've verified the username/password and they're valid. Can someone give me some pointers on where to look next or what the problem might be? From the error message you are receiving, it appears that your ISP is using PAP authentication. Try putting a timeout line (e.g., TIMEOUT 45) right after the ATDT... line in your chatscript file, then enter your username and password in the pap-secrets file as shown in the documentation (docs in the pap-secrets file might be sufficient). Try it, and see what happens. Make sure the permissions on the pap-secrets file (and on the /etc/ppp directory) remain tight. Tell us if I am wrong, old timers. I'm still a newbie. ;-) Art New Address: [EMAIL PROTECTED] Thanks, -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Problem with ppp-2.3.3-5 and authentication
Oops...forgot to change some configs. to show my new e-mail address. I also left out something in the reply, below! Read on. Dear All, I've only just joined this list, so I don't know if this has been discussed before. I'm using ppp-2.3.3-5 and mgetty-1.1.14-1 to run a one-modem dialup. Everything works just fine until pppd goes to verify the username/password, which always fails with PAP authentication failure for username. I've verified the username/password and they're valid. Can someone give me some pointers on where to look next or what the problem might be? From the error message you are receiving, it appears that your ISP is using PAP authentication. Try putting a timeout line (e.g., TIMEOUT 45) right after the ATDT... line in your chatscript file, And comment-out all lines after that. *Remove your password from the password line* in the chatscript or provider file (depending on whether you run bo or hamm), because the one in your pap-secrets should do the trick, and you don't want to defeat the purpose of it! Let us know if this doesn't work. ...terrible sorry I left out the most important info the first time. _Art then enter your username and password in the pap-secrets file as shown in the documentation (docs in the pap-secrets file might be sufficient). Try it, and see what happens. Make sure the permissions on the pap-secrets file (and on the /etc/ppp directory) remain tight. Tell us if I am wrong, old timers. I'm still a newbie. ;-) Art New Address: [EMAIL PROTECTED] Thanks, -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Problem with ppp-2.3.3-5 and authentication
Mr. Whitwell just informed me that he is looking for an answer from the *host* point of view, so one of you old-timers will need to help him with it...sorry, I should have noticed the mgetty reference. Sheesh, do I feel embarrassed! :-) /silly/Art Dear All, I've only just joined this list, so I don't know if this has been discussed before. I'm using ppp-2.3.3-5 and mgetty-1.1.14-1 to run a one-modem dialup. Everything works just fine until pppd goes to verify the username/password, which always fails with PAP authentication failure for username. I've verified the username/password and they're valid. Can someone give me some pointers on where to look next or what the problem might be? Thanks, -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Problem with ppp-2.3.3-5 and authentication
Subject: I've only just joined this list, so I don't know if this has been discussed before. I'm using ppp-2.3.3-5 and mgetty-1.1.14-1 to run a one-modem dialup. Everything works just fine until pppd goes to verify the username/password, which always fails with PAP authentication failure for username. I've verified the username/password and they're valid. Can someone give me some pointers on where to look next or what the problem might be? From the error message you are receiving, it appears that your ISP is using PAP authentication. I used Kppp (from KDE) for installing my modem-connection. I did it the first time but kde (in form of kppp) nearly did everything alone. It even changes ip-settings when I use the modem instead of the ethernet, ... And with kppp it is even easier to install than with the dumb win95-prgs. You can get the KDE-Beta4-deb-files at ftp://ftp.kde.org somewhere in stable/dists... Gernot -- - Gernot Bauer Salzburger Kredit- und Wechsel-Bank AG eMail: [EMAIL PROTECTED] (Office) Makartplatz 3, 5020 Salzburg Home: [EMAIL PROTECTED] Austria/Europe Phone: ++43-662-8684-364 The answer is yes, me. Fax: ++43-662-8684-23 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Problem with ppp-2.3.3-5 and authentication
Well Art don't feel too silly, what you said is essentially correct (except for the chatscript stuff of course). The ppp protocol does not itself have a 'host/user' concept, it is a peer to peer protocol. In practice there typically are differences when PAP or CHAP are involved but again the difference is in the practice and not in the protocol. 'Hosts', in practice, do not normally authenticate themselves _to_ the dial-in machine. My question would be, if Mr. Whitwell's machine is using PAP, are the entries in the ppp/pap-secrets file correct? AFAIK for the PAP authentication to work (I don't use PAP but have used CHAP), the Username, password, and IP address (or address range) have to match. If the user's machine is also setup to expect PAP authorization then he must also have a second line for that 'secrets pair' or tell the user to disable requiring authorization. On Mon, May 04, 1998 at 11:59:57PM -0500, Art Lemasters wrote: Mr. Whitwell just informed me that he is looking for an answer from the *host* point of view, so one of you old-timers will need to help him with it...sorry, I should have noticed the mgetty reference. Sheesh, do I feel embarrassed! :-) /silly/Art Dear All, I've only just joined this list, so I don't know if this has been discussed before. I'm using ppp-2.3.3-5 and mgetty-1.1.14-1 to run a one-modem dialup. Everything works just fine until pppd goes to verify the username/password, which always fails with PAP authentication failure for username. I've verified the username/password and they're valid. Can someone give me some pointers on where to look next or what the problem might be? Thanks, -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] -- best, -bill [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] from a 1996 Micro$loth ad campaign: The less you know about computers the more you want Micro$oft! See! They do get some things right! -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Problem with ppp-2.3.3-5 and authentication
JW == James Whitwell [EMAIL PROTECTED] writes: JW discussed before. I'm using ppp-2.3.3-5 and mgetty-1.1.14-1 to run a JW one-modem dialup. Everything works just fine until pppd goes to verify JW the username/password, which always fails with PAP authentication JW failure for username. I've verified the username/password and they're JW valid. Can someone give me some pointers on where to look next or what JW the problem might be? Same problem here. I downgraded to ppp-2.2 from bo and it works perfectly. Try it. Maybe ppp got more paranoid about filepermission or such. Unfortunately I don't have access to the machine any more, and I didn't have time to investigate on this matter. Ciao, Martin -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]