[pptp-server] pptp + PAM

Steve Langasek vorlon at netexpress.net
Mon Jun 3 13:47:35 CDT 2002 

On Mon, Jun 03, 2002 at 03:26:03PM -0300, Federico Edelman wrote:
> I put in /etc/pptpd.conf:
> speed 115200
> option /etc/ppp/pptpd-options
> debug
> localip 192.168.0.3-200
> remoteip 192.168.0.3-200

> I put in /etc/ppp/pptpd-options:
> debug
> name	myhost
> auth
> login
> require-pam
> netmask 255.255.255.0
> nodefaultroute
> proxyarp
> lock

> I get "unrecognized option require-pam".

Ok, so you get this error even when you *don't* have 'require-chapms' in
your config?  In that case, it seems to be a problem with the PAM 
support in pppd, which is not something I've ever used.

Steve Langasek
postmodern programmer

> > -----Mensaje original-----
> > De: Steve Langasek [mailto:vorlon at netexpress.net]
> > Enviado el: lunes, 03 de junio de 2002 15:17
> > Para: Federico Edelman
> > CC: 'bao'; 'pptp-server at lists.schulte.org'
> > Asunto: Re: [pptp-server] pptp + PAM
> > 
> > On Mon, Jun 03, 2002 at 03:09:15PM -0300, Federico Edelman wrote:
> > > Steve:
> > > 	Yes, but I was only compiled with these options. In pptpd-options I
> > > don't put none of these options.
> > 
> > > How can I'll must setting for PAM support?
> > 
> > If you can't use MS-CHAP and PAM together, then clearly, having both
> > 'require-pam' and 'require-chapms' in your config is an error.  PPP
> > happens to express this error by saying "unrecognized option require-pam".
> > 
> > Do you have 'require-pam' set in /etc/ppp/options?
> > 
> > Steve Langasek
> > postmodern programmer
> > 
> > > > -----Mensaje original-----
> > > > De: Steve Langasek [mailto:vorlon at netexpress.net]
> > > > Enviado el: lunes, 03 de junio de 2002 15:01
> > > > Para: Federico Edelman
> > > > CC: 'bao'; 'pptp-server at lists.schulte.org'
> > > > Asunto: Re: [pptp-server] pptp + PAM
> > > >
> > > > On Mon, Jun 03, 2002 at 02:23:00PM -0300, Federico Edelman wrote:
> > > > > Umm.. Where can I find information about how configure pptp + pam?
> > > >
> > > > > I put in /etc/pptpd.conf:
> > > > > speed 115200
> > > > > option /etc/ppp/pptpd-options
> > > > > debug
> > > > > localip 192.168.0.3-200
> > > > > remoteip 192.168.0.3-200
> > > >
> > > > > I put in /etc/ppp/pptpd-options:
> > > > > debug
> > > > > name	myhost
> > > > > auth
> > > > > login
> > > > > netmask 255.255.255.0
> > > > > nodefaultroute
> > > > > proxyarp
> > > > > lock
> > > >
> > > > > The /etc/ppp/chap-secrets and /etc/ppp/pap-secrets are empty,
> > because I
> > > > will
> > > > > authenticate through PAM only.
> > > >
> > > > > I compile pppd with USE_PAM=y, HAS_SHADOW=y, CHAPMS=y, USE_CRYPT=y,
> > but
> > > > If I
> > > > > put in /etc/ppp/pptpd-options '+chapms' or 'require-chapms' I get
> > > > > 'unrecognized option require-pam'.
> > > >
> > > > > What's wrong?
> > > >
> > > > You misunderstand how MS-CHAP and PAM work.  You will never be able to
> > > > use these two technologies together, as they have incompatible
> > designs.
> > > >
> > > > Steve Langasek
> > > > postmodern programmer
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 232 bytes
Desc: not available
URL: <http://lists.schulte.org/mailman/private/pptp-server/attachments/20020603/48269097/attachment.bin>

More information about the pptp-server mailing list