*BSD News Article 86049


Return to BSD News archive

#! rnews 1301 bsd
Path: euryale.cc.adfa.oz.au!newshost.carno.net.au!harbinger.cc.monash.edu.au!munnari.OZ.AU!news.ecn.uoknor.edu!news.wildstar.net!newsfeed.direct.ca!portc01.blue.aol.com!news-peer.gsl.net!news.gsl.net!usenet.eel.ufl.edu!news.ultranet.com!zombie.ncsc.mil!newsgate.duke.edu!usenet
From: reese@chem.duke.edu (Charles Reese)
Newsgroups: comp.unix.bsd.freebsd.misc
Subject: PPP Dial-in security questions
Date: Thu, 02 Jan 1997 14:09:48 GMT
Organization: Duke University, Durham, NC, USA
Lines: 18
Message-ID: <32cbc02b.84472863@news.duke.edu>
NNTP-Posting-Host: async249-57.async.duke.edu
X-Newsreader: Forte Free Agent 1.1/16.230
Xref: euryale.cc.adfa.oz.au comp.unix.bsd.freebsd.misc:33485

I am using (user) ppp to provide dial-in support.  The current scheme
has the user login using a regular getty Name,Password sequence with
the users 'shell' being ppp-dialin which is a link to ppp-shell etc.
When the ppp program starts up it gives a warning messages saying
there is no security etc. because I am not using PAP or CHAP.   My
question is when the user logs in this way is PAP or CHAP still
neccesary? If so why?  Can someone who has no account on the machine
still use the dial-in lines?

I would really appreciate it if someone could explain these issues in
some detail.

Thanks
Charlie Reese