Nathan,
As sent from the user, it was open because the example sent
does NOT have a hostname listed nor a username and so it
does not matter what options are included , auto PPP would validate
all requests. I have done lots of tests in all configurations and found
this to be the case no matter what the docs say.
using a hostname "chaos" in your example forces verification by FQDN
or hosts file with an IP lookup verification. That way you can limit
logins to a specific machine and IP address.
As this is a dialup service, I have not found a general use for this except
when doing VPN or other type connections.
IMHO
Larry
At 06:20 AM 6/22/00 -0600, Nathan wrote:
>
>Open yes, but not without authentication.
>
>On my dialin server, /etc/ppp/pap-secrets has:
>
>* chaos "" *
>
>(chaos is the hostname)
>
>The above basicaly tells it to use the /etc/passwd for authentication.
>
>I think the key would be in the debug output from syslog after a user
>attempts to dialin. Can we get a copy of that?
>
>-Nathan
>
>
>On Thu, 22 Jun 2000, Larry Morrow wrote:
>
>> Make the following change in /etc/pap-secrets
>>
>> >In /etc/ppp/pap-secrets and /etc/ppp/chap-secrets I have a line like so:
>> >
>> >* * "" *
>>
>> username * "" *
>>
>> This file controls which users are able to dial-in with ppp.
>>
>> The very first * is what has your system open.
>>
>> Larry
>>
>>
>> --
>> To UNSUBSCRIBE, email to [EMAIL PROTECTED]
>> with a subject of "unsubscribe". Trouble? Contact
[EMAIL PROTECTED]
>>
>>
>
>
>--
>To UNSUBSCRIBE, email to [EMAIL PROTECTED]
>with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
>
>
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
