Date: Wed, 16 Oct 1996 19:59:59 +0930 (CST) From: Peter Childs <pjchilds@imforei.apana.org.au> To: davo@chunga.kt.apana.org.au (Dave Edwards), val@omnisolve.com, freebsd-isp@freebsd.org Subject: Re: ijppp and ppp.secret for PAP Message-ID: <199610161029.TAA06600@al.imforei.apana.org.au>
next in thread | raw e-mail | index | archive | help
In article <53t8oj$fhb@al.imforei.apana.org.au> you wrote:
: 'Valtaire scribbled..'
: > Hello. I use ijppp for my server, and i'd like to start using PAP
: > authentication. Problem is, I can't seem to figyre out how to set
: > up my ppp.secret file.
: >
: > whenever i try to log in it says:
: >
: > 10-13 12:18:22 [17332] Phase: Authenticate
: > 10-13 12:18:22 [17332] his = 0, mine = c023
: > 10-13 12:18:22 [17332] PapInput: REQUEST
: > 10-13 12:18:22 [17332] PasswdAuth enabled - calling
: > 10-13 12:18:22 [17332] PasswdAuth - user not a PPP user
: > 10-13 12:18:22 [17332] PapOutput: NAK
[cut]
: Hmmm, could be whitespace messing it up, sounds like a
: configuration problem anyway...
: However why keep a file around with passwords in it, when you
: can authenticate using the /etc/passwd file!
This is a 2.2-current system. You can see that either you supped
and built at just the wrong moment in time, or you have
enable passwdauth
in your ppp.conf (your vars.c should be version 1.9)
if you _don't_ want to authenticate users from the /etc/password
file then use
disable passwdauth
(this is the default in the latest 2.2-current ppp, ie vars.c 1.9)
If you _do_ want to use password authentication then you should
edit passwdauth.c Notice the section where only users with a
username starting with "P" are considered vaild ppp users?
Better kill that bit of code, or put in your own check...
#ifdef LOCALHACK
/*
* All our PPP usernames start with 'P' so i check that here... if you
* don't do this i suggest all your PPP users be members of a group
* and you check the guid
*/
if( name[0] != 'P' )
{
LogPrintf( LOG_LCP, "PasswdAuth - user (%s) not a PPP user\n", name );
endpwent();
return 0;
}
#endif /* LOCALHACK */
I'll think on this and probably submit some diff's commenting this
out since it will no doubt cause more grief than good.
Its worth reading the bits on #define LOCALHACK in passwdauth.c and
deciding if you want to keep it on or turn it off depending on what
you are trying to do.
I'm open on suggestions for tidying up this a little.
Peter
--
Peter Childs --- http://www.imforei.apana.org.au/~pjchilds
Finger pjchilds@al.imforei.apana.org.au for public PGP key
Drag me, drop me, treat me like an object!
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199610161029.TAA06600>