[pptp-server] pptp + PAM

Federico Edelman fedelman at claxson.com
Mon Jun 3 13:55:59 CDT 2002


No.. I've not chap-ms in my pptp-options.
Does anybody run pppd with pam support?

> -----Mensaje original-----
> De: Steve Langasek [mailto:vorlon at netexpress.net]
> Enviado el: lunes, 03 de junio de 2002 15:48
> Para: Federico Edelman
> CC: 'bao'; 'pptp-server at lists.schulte.org'
> Asunto: Re: [pptp-server] pptp + PAM
> 
> On Mon, Jun 03, 2002 at 03:26:03PM -0300, Federico Edelman wrote:
> > I put in /etc/pptpd.conf:
> > speed 115200
> > option /etc/ppp/pptpd-options
> > debug
> > localip 192.168.0.3-200
> > remoteip 192.168.0.3-200
> 
> > I put in /etc/ppp/pptpd-options:
> > debug
> > name	myhost
> > auth
> > login
> > require-pam
> > netmask 255.255.255.0
> > nodefaultroute
> > proxyarp
> > lock
> 
> > I get "unrecognized option require-pam".
> 
> Ok, so you get this error even when you *don't* have 'require-chapms' in
> your config?  In that case, it seems to be a problem with the PAM
> support in pppd, which is not something I've ever used.
> 
> Steve Langasek
> postmodern programmer
> 
> > > -----Mensaje original-----
> > > De: Steve Langasek [mailto:vorlon at netexpress.net]
> > > Enviado el: lunes, 03 de junio de 2002 15:17
> > > Para: Federico Edelman
> > > CC: 'bao'; 'pptp-server at lists.schulte.org'
> > > Asunto: Re: [pptp-server] pptp + PAM
> > >
> > > On Mon, Jun 03, 2002 at 03:09:15PM -0300, Federico Edelman wrote:
> > > > Steve:
> > > > 	Yes, but I was only compiled with these options. In pptpd-
> options I
> > > > don't put none of these options.
> > >
> > > > How can I'll must setting for PAM support?
> > >
> > > If you can't use MS-CHAP and PAM together, then clearly, having both
> > > 'require-pam' and 'require-chapms' in your config is an error.  PPP
> > > happens to express this error by saying "unrecognized option require-
> pam".
> > >
> > > Do you have 'require-pam' set in /etc/ppp/options?
> > >
> > > Steve Langasek
> > > postmodern programmer
> > >
> > > > > -----Mensaje original-----
> > > > > De: Steve Langasek [mailto:vorlon at netexpress.net]
> > > > > Enviado el: lunes, 03 de junio de 2002 15:01
> > > > > Para: Federico Edelman
> > > > > CC: 'bao'; 'pptp-server at lists.schulte.org'
> > > > > Asunto: Re: [pptp-server] pptp + PAM
> > > > >
> > > > > On Mon, Jun 03, 2002 at 02:23:00PM -0300, Federico Edelman wrote:
> > > > > > Umm.. Where can I find information about how configure pptp +
> pam?
> > > > >
> > > > > > I put in /etc/pptpd.conf:
> > > > > > speed 115200
> > > > > > option /etc/ppp/pptpd-options
> > > > > > debug
> > > > > > localip 192.168.0.3-200
> > > > > > remoteip 192.168.0.3-200
> > > > >
> > > > > > I put in /etc/ppp/pptpd-options:
> > > > > > debug
> > > > > > name	myhost
> > > > > > auth
> > > > > > login
> > > > > > netmask 255.255.255.0
> > > > > > nodefaultroute
> > > > > > proxyarp
> > > > > > lock
> > > > >
> > > > > > The /etc/ppp/chap-secrets and /etc/ppp/pap-secrets are empty,
> > > because I
> > > > > will
> > > > > > authenticate through PAM only.
> > > > >
> > > > > > I compile pppd with USE_PAM=y, HAS_SHADOW=y, CHAPMS=y,
> USE_CRYPT=y,
> > > but
> > > > > If I
> > > > > > put in /etc/ppp/pptpd-options '+chapms' or 'require-chapms' I
> get
> > > > > > 'unrecognized option require-pam'.
> > > > >
> > > > > > What's wrong?
> > > > >
> > > > > You misunderstand how MS-CHAP and PAM work.  You will never be
> able to
> > > > > use these two technologies together, as they have incompatible
> > > designs.
> > > > >
> > > > > Steve Langasek
> > > > > postmodern programmer
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.schulte.org/mailman/private/pptp-server/attachments/20020603/db74f18a/attachment.html>


More information about the pptp-server mailing list