From owner-freebsd-net  Tue Sep 25 11:19:13 2001
Delivered-To: freebsd-net@freebsd.org
Received: from khavrinen.lcs.mit.edu (khavrinen.lcs.mit.edu [18.24.4.193])
	by hub.freebsd.org (Postfix) with ESMTP id 27B5E37B403
	for <net@FreeBSD.ORG>; Tue, 25 Sep 2001 11:16:25 -0700 (PDT)
Received: (from wollman@localhost)
	by khavrinen.lcs.mit.edu (8.11.4/8.11.4) id f8PIEVJ77448;
	Tue, 25 Sep 2001 14:14:31 -0400 (EDT)
	(envelope-from wollman)
Date: Tue, 25 Sep 2001 14:14:31 -0400 (EDT)
From: Garrett Wollman <wollman@khavrinen.lcs.mit.edu>
Message-Id: <200109251814.f8PIEVJ77448@khavrinen.lcs.mit.edu>
To: John Polstra <jdp@polstra.com>
Cc: net@FreeBSD.ORG
Subject: Re: Solution (RE: VPN client with mpd)
In-Reply-To: <200109251809.f8PI9Rl19337@vashon.polstra.com>
References: <PCELJJEJJMODEMKEBLLBIEDHCAAA.larse@isi.edu>
	<200109251809.f8PI9Rl19337@vashon.polstra.com>
Sender: owner-freebsd-net@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-net.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-net>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-net>
X-Loop: FreeBSD.org

<<On Tue, 25 Sep 2001 11:09:27 -0700 (PDT), John Polstra <jdp@polstra.com> said:

> The trouble with this is that your password will be sent unencrypted
> across the Internet, very possibly hitting a sniffer or two along the
> way.  It's better to insist on chap and fix the broken peers.

Actually, no: the other side, which considers itself a server, doesn't
want to authenticate *itself* in any way to clients (since Windows
clients have no way to accept server authentication).  It's perfectly
happy to have clients authenticate themselves.

-GAWollman


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message