[pptp-server] Yes, blank username/password works!

Dread Boy dreadboy at hotmail.com
Fri Mar 2 01:37:17 CST 2001 

Yeah, and on top of all this it doesn't seem to matter what I log in as, my 
username and password don't get carried over to SAMBA for authenticating 
with server shares.

i.e.  Whether I use a valid username/password or the blank, I still can not 
access resources (or possibly ACLs) on the servers even with valid 
usernames.  On my local LAN it's no problem, but remotely, it doesn't seem 
to know who I am while I'm logged on.

For example, when I click a share locally on my SAMBA server, I can get into 
it and have certain rights based on my username/password.  I don't even have 
to think about it.  "security = user" in /etc/smb.conf
However, when I log in remotely with Windoze using my PPTPD Linux server, 
when I even try to access the server itself (let alone the share) it keeps 
asking me for the IPC$ administration password as if it was an NT server.  
It doesn't matter what I enter here, I can't get any farther.

Does PPTPD know my SMB username but not my password, or vice versa?  I 
thought maybe because it was encrypted using libsmbpw.so that maybe it 
couldn't figure it out, but then using chap-secrets plain-text passwords 
don't cut it either.

Anyone know what this is all about?

Geez, I thought this whole PPTPD Linux server was gonna be at least a 
weekend of work, but it's turning out to be months worth of work.

>Holy Toledo Batman!!!! You are correct!!! I does not appear to be the
>guest user, either. The log file reads mschap auth succeeded for user
><blank>
>
>
>This is a SERIOUS problem that I was not previously aware of. Thank
>you for pointing that out... Wow!!! In testing I found that if you
>actually specify a USERNAME in chap-secs it will fail on a blank
>user.
>I.E.
>/etc/ppp/chap-secrets;
>user1	*       &/etc/samba/smbpasswd   *
>user2 *       &/etc/samba/smbpasswd   *
>user3 *       &/etc/samba/smbpasswd   *
>etc
>etc
>
>But it still allows users who are IN the file to work, even if they
>DON'T exist in smbpasswd.
>I.E.
>/etc/smbpasswd;
>user1:XXXXX:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:XXXXXXXXXXXXXXXXXXXXXXXXX
>XXXXXXX:[U          ]:LCT-XXXXXXXX:
>user2:XXX:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:XXXXXXXXXXXXXXXXXXXXXXXXXXX
>XXXXX:[U          ]:LCT-XXXXXXXX:
>
>Users 1 2 AND 3 CAN LOGIN SUCCESFULLY!!!!!
>
>This is REAL bad... Maybe this is something to seriously look at the
>code for. Too bad I know NOTHING about coding. I would not be of ANY
>assitance, but I would LOVE to hear if a "correction" is made to
>this...
>
>
>Thanks again for pointing this out....
>
>
>- ---> Running to nearest computer terminal to secure his network
>against intrusion

_________________________________________________________________________
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.

More information about the pptp-server mailing list