[CLUE-Tech] command line initiation of ppp erroring out
Young, Ed
Ed.Young at echostar.com
Wed Mar 14 15:10:51 MST 2001
> Ed,
>
> > I could put noauth in the options file but,
> > In the /etc/ppp/options file it says:
> > # Require the peer to authenticate itself before allowing network
> > # packets to be sent or received.
> > # Please do not disable this setting. It is expected to be standard in
> > # future releases of pppd. Use the call option (see manpage) to disable
> > # authentication for specific peers.
> > auth
>
> You're working too hard, just comment out the "auth" and put "noauth" in
>
Ed> I am? Ok, if you say so...
Ed> Perhaps I'm being a bit too security conciencious after all.
Ed> But I'd sure feel bad if my being lax about security resulted in
the collapse of the free world...
Ed> Wait, isn't my box being exploited by a pppd hole one of the
Seven Signs of the Apocaplypse?
Ed> Thanx Jim.
> there. It's your system, you can do whatever you want with it. The
> other stuff the author(s) of pppd are suggesting has the same effect but
> does so with an "abstraction layer" of sorts.
>
> You can bypass the abstraction layer and just get it to work. You do
> NOT need the peer to authenticate itself if you are calling an ISP.
>
> > In the pppd man page it says:
> > call name
> > Read options from the file /etc/ppp/peers/name.
> > This file may contain privileged options, such as
> > noauth, even if pppd is not being run by root. The
> > name string may not begin with / or include .. as a
> > pathname component. The format of the options file
> > is described below.
> > ...
> > file name
> > Read options from file name (the format is
> > described below). The file must be readable by the
> > user who has invoked pppd.
>
> > So rather than going counter to the fair warning of the author I think I
> > should
> > 1. create a file /etc/ppp/peers/SomeFilewithAltOptions
> > 2. set permissions accordingly.
> > 3. add the line
> > noauth
> > 4. In the /etc/ppp/options file put the line
> > call SomeFilewithAltOptions
>
> > I'm missing something or how is this different than simply putting
> > "noauth" in the
> > options file? I read the bit about the format of the options files
> > (.pppdrc, options, options.ttyXX) but am not sure about the usage.
>
> > It seems that the idea is to restrict running pppd but I'm not seeing
> > how this is done.
>
> > Ed
>
> > Jim Ockers wrote:
> > >
> > > Ed:
> > >
> > > Add the "noauth" option to the /etc/ppp/options file. This will tell
> > > pppd that you do not require the peer to authenticate itself. It
> should
> > > work once you do that.
> > >
> > > I use ppp for both dialing in (terminal server) and dialing out (ISP
> > > access) on various systems. I always configure the dialing-out port
> > > as noauth but you want to make sure the dialing-in ports require
> authen-
> > > tication.
> > >
> > > HTH.
> > >
> > > --
> > > Jim Ockers (ockers at ockers.net) Ask me about Linux!
>
> > > Contact info: please see http://www.ockers.net/
> > >
> > > Fight Spam! Join CAUCE (Coalition Against Unsolicited Commercial
> Email)
> > > at http://www.cauce.org/ .
> > >
> > > _______________________________________________
> > > CLUE-Tech mailing list
> > > CLUE-Tech at clue.denver.co.us
> > > http://clue.denver.co.us/mailman/listinfo/clue-tech
> > _______________________________________________
> > CLUE-Tech mailing list
> > CLUE-Tech at clue.denver.co.us
> > http://clue.denver.co.us/mailman/listinfo/clue-tech
>
> --
> Jim Ockers (ockers at ockers.net) Ask me about Linux!
> Contact info: please see http://www.ockers.net/
>
> Fight Spam! Join CAUCE (Coalition Against Unsolicited Commercial Email)
> at http://www.cauce.org/ .
>
> _______________________________________________
> CLUE-Tech mailing list
> CLUE-Tech at clue.denver.co.us
> http://clue.denver.co.us/mailman/listinfo/clue-tech
More information about the clue-tech
mailing list