| T.R | Title | User | Personal
Name | Date | Lines |
|---|
| 597.1 | PPP HOWTO | NEWVAX::PAVLICEK | Linux: the Truly Open O/S | Thu May 01 1997 00:28 | 38 |
| The Linux PPP HOWTO lists some variant authentication that Microsoft
uses. It can apparently be turned on in pppd.
Hope this helps.
-- Russ
Part of the HOWTO follows:
--------------------------
13.1. Using MSCHAP
Microsoft Windows NT RAS can be set up to use a variation on CHAP
(Challenge/Handshake Authentication Protocol). In your PPP sources tar
ball, you will find a file called README.MSCHAP80 that discusses this.
You can determine if the server is requesting authentication using
this protocol by enabling debugging for pppd. If the server is
requesting MS CHAP authentication, you will see lines like
______________________________________________________________________
rcvd [LCP ConfReq id=0x2 <asyncmap 0x0> <auth chap 80> <magic 0x46a3>]
______________________________________________________________________
The critical information here is auth chap 80.
In order to use MS CHAP, you will need to recompile pppd to support
this. Please see the instructions in the README.MSCHAP80 file in the
PPP source file for instructions on how to compile and use this
variation.
You should note that at present this code supports only Linux PPP
clients connecting to an MS Windows NT server. It does NOT support
setting up a Linux PPP server to use MSCHAP80 authentication from
clients.
|
| 597.2 | I was just wondering how much brain damage MSCHAP80 inserts into PPPD | NOTAMI::A_ANDERSON | CX03 2/H13 NSU/VAX MacGhille Aindrais | Thu May 01 1997 02:19 | 17 |
| Thanks I read that and the README.mschap80 file.
I was just wondering if adding the MSCHAP80 support will break PPPD from working
with PPP links that dont require MSCHAP80 support. I connect to Digital for
work and other ISP's for all my other internet needs. I suppose it would be
possible to have two kernels one with PPP that supports MSCHAP80 and one with
PPP that does not. Or keeping PPP in modules and write scripts to copy the
appriopiate one around. Right now its all set up so that my wife and kids can
connect to the isp with out using root so adding a reboot to the mix would just
confuse them. It can be done Im just trying to keep things as simple as
possible. Right now it looks like keeping my Linux WS off of Digitals network
is the easiest but not the desired solution.
As usual take one step forward three back.
Thanks
Alan
|
| 597.3 | Tunnel? | OGBON::desgor.shl.dec.com::gordon | Des Gordon@sno | Tue May 27 1997 09:07 | 4 |
| I suppose the other alternative is to use your ISP but then tunnel
into easynet
Des
|
| 597.4 | Which tunnel? | NEWVAX::PAVLICEK | http://www.boardwatch.com/borgtee2.jpg | Tue May 27 1997 18:31 | 9 |
| re: .3
What Linux-available tunnel is available for easynet access? Last I
knew, the easynet tunnels were targeted for the proprietary Microsoft
operating systems. I've read information about Linux tunnels, but I
was under the impression that it required software running on the
target network -- and I've not heard of that happening for the easynet.
-- Russ
|
| 597.5 | mschap doesn't break ppp | NNTPD::"mckinseys@mail.dec.com" | Scott McKinsey | Wed May 28 1997 04:54 | 9 |
| I have rebuilt pppd and the kernel to include support for
mschap. I'm happy to say that connecting to a RAS server works,
as does connecting to my local ISP. No problems so far.
BTW I'm using Redhat-4.1 and the 2.0.28 kernel with ppp-2.3b3.
Scott
[Posted by WWW Notes gateway]
|
| 597.6 | | NEWVAX::PAVLICEK | http://www.boardwatch.com/borgtee2.jpg | Wed May 28 1997 04:59 | 7 |
| re: .5
Cool!
Thanks for posting that info. That's bound to help some people.
-- Russ
|
| 597.7 | not sure if there is a client kit | OGBON::desgor.shl.dec.com::gordon | Des Gordon@sno | Thu May 29 1997 08:25 | 5 |
| g'day
We have tunnels into digital currently. I use the Alta Vista tunnel
client for NT and 95 but I am not aware if there is a kit suitable
for linux, might be worth while asking the Alta Vista people
|
| 597.8 | RE .* Thanks | NOTAMI::A_ANDERSON | CX03 2/H13 NSU/VAX MacGhille Aindrais | Fri May 30 1997 22:22 | 18 |
| Looks like I need to do this all I need is time (Work keeps getting in the way
of fun things).
PPP 2.3b3 is new. I have 2.2f if my memory serves me right.
I have vacation coming up this month.
Windows 95/NT and Linux make a great combination for working form home. Linux
for its Xwindows support and Win95 for all the office/network products and
exchange mail. You can get by with one or the other but both make things more
productive.
The Alta Vista Tunnel on Linux would be nice, we got hit with a snow storm on
Colorado and ran out of RAS line real quick. But theres another note on that.
Thanks
|
| 597.9 | Where did you find the LIBDES kit | NOTAMI::A_ANDERSON | CX03 2/H13 NSU/VAX MacGhille Aindrais | Tue Jun 03 1997 02:44 | 14 |
| Hello Scott,
I took a stab at it this weekend. It looks like I need the LIBDES kit. I
searched the internet and all pointers came up empty.
When I attempted to compile a new PPPD it failed trying to find a
linux/autoconf.h file. Any body have any idea on what packages this file comes
from (Perhaps the libdes kits that I cannot find).
Also where did you locate the 2.2b3 PPP kit. I looked at 4-5 linux distribution
sites and the latest they have is 2.2f.
Thanks for any pointers.
Alan
|
| 597.10 | | MOVIES::TWEEDIE | | Tue Jun 03 1997 15:07 | 17 |
| re .9:
libdes is available from ftp://samba.anu.edu.au/pub/libdes/. The pppd-2.2b3
kit is available from all over. A good hint is to try the ftp search engine
"archie" (http://archie.luth.se/) as a start --- it just found me 72 sites
holding that version of pppd, so you should be able to find one that's nearby.
Finally, linux/autoconf.h should be under /usr/include, via symlink from
/usr/include/linux into /usr/src/linux/include/linux. However, autoconf.h
is one of the header files which is only built when a kernel is configured,
so it may not be there by default if you've just installed the kernel headers
from a plain distribution. You may be able to get away with creating an empty
file for autoconf.h; otherwise, install and configure ("make config" or
"make xconfig") the kernel sources and autoconf.h will be built.
Cheers,
Stephen.
|
| 597.11 | Almost got it | NOTAMI::A_ANDERSON | CX03 2/H13 NSU/VAX MacGhille Aindrais | Fri Jun 06 1997 03:03 | 23 |
| Thanks for the file pointers Stephen.
I should have know about the autoconf.h. I was playing around with a 2.1.35
kernel and deleted the sources and untarred the 2.0.30 sources. So I'll give my
self a swift kick for that stupid question.
Archie found the files like you said. Alta Vista on the other hand still comes
up with a lot of dead ends.
So I am now at a point where Linux and RAS NT agree on the magic numbers Linux
then sends pap authentification and NT RAS rejects it with a error 691
(user/pass invalid for domain). I know the user and password is good, as I use
it under WIN95 RAS all the time.
One thing I noticed PPPD v2.2-0f requests pap authentification while PPPD v2.2b3
request upap authentification. Neither work both fail with a 691 error.
|
| 597.12 | | MOVIES::TWEEDIE | | Fri Jun 06 1997 19:08 | 11 |
| re .11:
If your pap validation is failing, there are a couple of things to try.
First of all, are you getting the right case? Windows is notorious for
forcing passwords to upper case, but Linux won't do so. Secondly I'd
double-check that you are validating yourself as the right user. You can't
rely on the pap-secrets file to supply the user name --- you have to tell
pppd that directly either with the +ua command option or the "user <username>"
option in the ppp options file.
Stephen.
|