Date: Mon, 07 Apr 1997 06:59:57 From: John Clark <email@john.net> To: questions@freebsd.org Subject: pppd vs. getty with inetd, security Message-ID: <3.0.1.32.19970407065957.00ab4100@199.3.74.250>
next in thread | raw e-mail | index | archive | help
Hello, I have a modem on a FreeBSD host that I use to establish a PPP connection with remote clients. Currently, I have getty monitoring serial port 1 for incoming calls: ttyd1 "/usr/libexec/getty std.57600" dialup on insecure After logging in, I just start 'pppd' and all is well. However, this seems to be a waste of resources (a shell), and also adds another layer of software between the modem and the pppd code. Therefore, I have been experimenting with the following line in /etc/ttys: cuaa1 "/usr/sbin/pppd /dev/cuaa1 57600 -detach" unknown on This really works great, but there is no security here -- anyone can call in without login confirmation. How do I implement security with this approach? You say CHAP / PAP? Well, I have never used either -- the password protection of the shell has been sufficient to date. I also need to login with various clients which may not have such advanced protocols. Is there a way to have pppd prompt for a login/password? Any advice on this issue would be appreciated... Thanks, John Clark [email@john.net]
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3.0.1.32.19970407065957.00ab4100>