[pptp-server] patches for encryption

Thijs Eilander eilander at cobweb.nl
Wed Sep 13 15:09:26 CDT 2000 

After fiddling around to get encryption working, I made some patches.
I just followed the howto on the webpage (with newer software), fixed the
failed hunks manually, applied some fixes found on the mailinglist and made
the patch with diff. The patch includes all files you need from OpenSSL.

linux2.2.17-ppp-msencryption.patch
pppd-2.3.11-msencryption.patch

They can be found on ftp://ftp.paranoid.nl/linux/pptpd

Works as a charm here, but I am not responsible if things might not work at
your place.
The kernelpatch probably works for 2.2.16 or some future 2.2.18 too, but I
cannot garantuee that :-)


Regards,

Thijs Eilander
Cobweb Internet
+31-46-4758281

----------------------------------
Quick,Dirty and Unsupported Howto:

1. get linux.2.2.17

2. get ppp-2.3.11.tar.gz

3. untar/gzip those tar.gz's

4. patch -p0 < linux2.2.17-ppp-msencryption.patch.
(It looks for the directory "linux", so be carefull. otherwise copy the file
into the kerneldir (eg: linux-2.2.17) and apply it with -p1)

5. patch -p0 < pppd-2.3.11-msencryption.patch

6. cd ppp-2.3.11 ; ./configure ; make && make install

7. move the kernel to /usr/src/linux-2.2.17 and create the symlink to
/usr/src/linux

8. cd /usr/src/linux ; make menuconfig and configure your kernel, build and
boot it.
(if you are already running 2.2.17 with ppp als module, it's probably enough
to rebuild and install the modules again. then rmmod ppp and do depmod -a)

9. replace (or append) /etc/ppp/options with the following:
debug
ms-wins your-wins-server
auth
+chap
+chapms
+chapms-v2
mppe-40
mppe-128
mppe-stateless
proxyarp
require-chap
name vpn
netmask 255.255.255.0
mru 1400
mtu 1400
ktune

10. Edit the /etc/conf.modules (or modules.conf) with the following info:

alias char-major-108 off # This will be different for 2.3.x kernels
alias ppp-compress-18 ppp_mppe
alias ppp-compress-21 bsd_comp
alias ppp-compress-24 ppp_deflate
alias ppp-compress-26 ppp_deflate

11. depmod -a, insmod ppp, startup pptpd again (if it was down anyway :-)
and make sure you have "require encryption" turned on in your windows
VPN-dialup.

More information about the pptp-server mailing list