This section is based on an email from Keith Brown
(kbrown AT pdq.net)
and explains how to make KPPP work with a
generic PAP or CHAP account. If your
ISP just gave you a user id and a password for an account,
you probably can skip this section, and the instructions in the previous one
will be all you need.
PAP seems a lot more complicated at first glance than it really is. The server (the machine you are connecting to) basically tells the client (your machine) to authenticate using PAP. The client (pppd) looks in a specific file for an entry that contains a matching server name, and a client name for this connection, and then sends the password it finds there. That's about it!
Now here's how to make that happen. I am assuming a
pppd version of 2.2.x or better and a standard installation
of configuration files under /etc/ppp
.
For the purposes of illustration, imagine that you have an internet
account with glob.net
with the username
userbaz
and the password
foobar
First, you need to add all this to a file called
/etc/ppp/pap-secrets
. The format of an entry for our
purposes is:
USERNAME SERVERNAME PASSWORD
So you would add the following line to
/etc/ppp/pap-secrets
and then save it :
userbaz glob foobar
You can use any name for the server you wish, so long as you use the
same name in the pppd arguments, as you'll see
shortly. Here it's been shortened to glob
, but this name
is only used to locate the correct password.
Next you need to set up the connection in KPPP. The basics are the same
as any other connection, so we won't go into details here, except to say that
you probably want to make sure that /etc/ppp/options
is
empty, and you don't want to create a login script either.
In the KPPP settings dialog, at the bottom of the Dial tab, is a button. This brings up an editing dialog. Here you can enter values that will be sent to pppd as command line arguments, and in the case of multiple value arguments, you need to enter each value as a separate entry in the listbox, in the correct order.
You can put in any other arguments you want first. Then add the arguments
that pppd uses to handle PAP
authentication. In this example, we are going to add
user
, userbaz
,
remotename
and glob
in that
order.
The user
tells the pppd what
user name to look for in the pap-secrets
file and then to
send to the server. The remotename is used by pppd
to match the entry in the pap-secrets
file, so again, it
can be anything you want so long as it is consistent with the entry in the
pap-secrets
file.
That's all there is to it, and you should now be able to set up your own
connection to a server with PAP authentication.
CHAP is not much different. You can see the Linux® Network
Administrators Guide for a chap-secrets
file format, and
the pppd arguments used, and the rest should be
simple.
Would you like to comment or contribute an update to this page?
Send feedback to the TDE Development Team