From owner-freebsd-questions  Tue Nov  9  6:21:46 1999
Delivered-To: freebsd-questions@freebsd.org
Received: from athserv.otenet.gr (athserv.otenet.gr [195.170.0.1])
	by hub.freebsd.org (Postfix) with ESMTP id BC4F8152E9
	for <freebsd-questions@freebsd.org>; Tue,  9 Nov 1999 06:21:31 -0800 (PST)
	(envelope-from keramida@diogenis.ceid.upatras.gr)
Received: from hades.hell.gr (patr530-a071.otenet.gr [195.167.115.71])
	by athserv.otenet.gr (8.9.3/8.9.3) with SMTP id QAA27257
	for <freebsd-questions@freebsd.org>; Tue, 9 Nov 1999 16:21:28 +0200 (EET)
Received: (qmail 18966 invoked by uid 1001); 9 Nov 1999 08:29:24 -0000
To: freebsd-questions@freebsd.org
Subject: Re: PPP security
References: <38275646.AD94D6F3@roadhouse.fsnet.co.uk>
From: Giorgos Keramidas <keramida@ceid.upatras.gr>
Date: 09 Nov 1999 10:29:24 +0200
In-Reply-To: matt's message of "Mon, 08 Nov 1999 23:01:26 +0000"
Message-ID: <86aeooukyj.fsf@localhost.hell.gr>
Lines: 29
X-Mailer: Gnus v5.6.45/XEmacs 21.1 - "20 Minutes to Nikko"
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

matt <matt@roadhouse.fsnet.co.uk> writes:

> Hello from a newbie.
> I have configured FreeBSD 3.3 RELEASE with kernel ppp and succesfully
> connected to my ISP.
> I am using an /etc/ppp/chat-script file which contains my username and
> password.
> In order to dialup as a non-root user I must have my chat-script
> permissions as 440.
> Is this safe?

If the owner of the file is root:wheel, and you carefully check who gets 
to become a member of the wheel group, it is relatively safe.

> I am sure that my ISP uses CHAP or PAP, but when I try to dialup with an
> /etc/ppp/pap-secrets or /etc/ppp/chap-secrets I cannot connect (I get a
> connect script failed message).

This could be because of a small timeout in ppp.conf, which causes your
ppp program to drop the carrier before pap/chap gets the chance to
authenticate you into your ISP.  Here in Patras, Greece, I am using an
ISP where pap/chap takes ages to authenticate, while chat finishes in
only a few seconds.  You can guess which of the two I'm finally using.

Regards.

-- 
Giorgos Keramidas, <keramida@ceid.upatras.gr>
"What we have to learn to do, we learn by doing." [Aristotle]


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message