Hello Phil, On Thu, 15 Jan 1998, Philip Hands wrote:
> > I can verify that turning off shadow passwords fixes the PAP problem. > > This is unacceptable. And it's already reported in bug 16044. Oh well. > > It this the case with ppp-pam installed ? With or without. Tried both. > If you are using ppp for dial-in, with PAP authentication, I was assuming > that > people will be using PAM too. Install ppp-pam_2.3.2-2.deb to get PAM support. I tried that as well. > Also ppp_2.3.2-2.deb has shadow support (I hope), where ppp_2.3.2-1.deb did > not, so you could try that. There is a problem with the non-pam ppp's > handling of password aging, so on the whole I'd prefer if people used PAM for > dial in. Well I did not analysed my system's password resolution THAT deep (this is my fault :)) so I cannot tell whether PAM works or not. But I installed libpam0g and libpam0g-util so I suppose it does, since me and the users are use usual login procedures as telnet or ftp, and they seem to work. [Uhh, sidenote. Checking the dependencies showed that I have no packages depending on libpam, so, ehm, could be that nobody ever cared it's there. So I cannot tell whether my PAM installation is correct or not since nobody uses it AFAIS. How to tell...?] Unfortunately I cannot tell - even using all the debugging levels are there - what is the problem when failing authentication. Isn't it possible to create a nice Just For Me pppd with extended pw fail debugging? (PAM or plain result codes, details on failing like lib fail, pw fail, aging fail, etc.) I'd glad to run it for you and tell the result! [I badly need a pppd handling libc6 utmp/wtmp correctly.] Of course I tried 2.3.2-2. Didn't worked with or without the ppp-pam package. Is the ".../pam.d/ppp" file correct? I'm not a PAM guru... bye, peter -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED] .
