[pptp-server] LINUX

Johnny L Wales johnny at booksys.com
Wed Mar 8 10:58:19 CST 2000


This would be quite good, to be sure. My boss was just asking me this
morning about how we could do this and I told him I didn't think it was
possible without digging into the pptpd and pppd code. Which, of course,
he doesn't want to do. I'd really like to see something like this, wherein
users don't have to remember a third password (one for their email, one
for the NT network, and now one for a VPN (and some even have SOCKS5
passwords to remember as well!))

Also, this would provide the extra security of having the passwords
crypted in case of a root compromise.

--Me

On Tue, 7 Mar 2000, Scott M. Stone wrote:

> On Tue, 7 Mar 2000, Ryan Matijcio wrote:
> 
> > 
> > Hi Alan,
> > 
> > One problem I can see with a Linux pptp server in a large NT enviroment is
> > account management.  I can see it being a real nightmare maintaining the
> > chap-secrets file (the one that maintains the username and password for the
> > vpn accounts.)  As far as I've read there is nothing to handle this.  In NT
> > you can easily just turn PPTP on or off for an account in user manager.
> 
> that's a good point, though -- I wonder how hard it would be to patch pppd
> to use the system's getpasswd() functions instead of reading chap-secrets?
> ie, compare the inputted password from the client with the system password
> table instead of having it separate..?  
> 
> Probably not THAT difficult, I'd think, but who knows.  Maybe I'll try it
> sometime..
> 
> --------------------------
> Scott M. Stone, CCNA <sstone at taos.com>
> UNIX Systems and Network Engineer
> Taos - The SysAdmin Company 
> 
> 
> _______________________________________________
> pptp-server maillist  -  pptp-server at lists.schulte.org
> http://lists.schulte.org/mailman/listinfo/pptp-server
> List services provided by www.schulte.org!
> 





More information about the pptp-server mailing list