Mailinglist Archive: opensuse-isdn-de (187 mails)

< Previous Next >
Authentifizierung RAS Server unter Suse 8.1

Hallo allerseits,

Ich brauche mak eure Hilfe. Ich habe mir gemäß
http://www.server-linux.de/html/dialin-server.html
einen Dial-In über ISDN auf meinem Server aufgebaut. Der Dial-In
funktioniert auch prima, aber leider werden anscheinend die pap-secrets
nicht ausgewertet. Es kann sich "Hinz und Kunz" mit beliebigem UID/PWD
einloggen :-(((

Daten:
Suse 8.1
ISDN wird ausschliesslich für Dial-In benutzt

/etc/ppp:
----------
donald:/etc/ppp # ll
total 49
drwxr-x--- 5 root dialout 376 Oct 29 20:42 .
drwxr-xr-x 44 root root 5344 Oct 29 20:51 ..
lrwxrwxrwx 1 root root 7 Dec 1 2002 auth-down ->
auth-up
-rwxr-x--x 1 root root 454 Feb 25 2002 auth-up
-rw------- 1 root root 798 Oct 29 20:39 chap-secrets
-rw-r----- 1 root root 270 Oct 29 20:18 ioptions
lrwxrwxrwx 1 root root 5 Dec 1 2002 ip-down -> ip-up
drwxr-xr-x 2 root root 48 Sep 10 2002 ip-down.d
-rwxr-xr-x 1 root root 9038 Sep 10 2002 ip-up
drwxr-xr-x 2 root root 48 Sep 10 2002 ip-up.d
-rw-r--r-- 1 root root 8289 Oct 29 20:42 options
-rw------- 1 root root 1327 Oct 29 20:39 pap-secrets
drwxr-x--x 3 root root 248 Dec 1 2002 peers
-rwxr-xr-x 1 root root 2728 Sep 10 2002 poll.tcpip
donald:/etc/ppp #

pap-secrets:
-------------
donald:/etc/ppp # cat pap-secrets
#SuSEconfig.isdn modified
# Secrets for authentication using PAP
# client server secret IP addresses

# OUTBOUND CONNECTIONS
# Here you should add your PPP Login and PPP password to connect to your
# provider via pap. The * means that the entry(login and passoword may
be
# used for ANY host you connect to.
# Thus you do not have to worry about the foreign machine name. Just
# replace password with your password.
#hostname * password

# PREDIFINED CONNECTIONS
# These are user and password entries for publically accessible
call-by-call
# Internet providers in Germany. If they confict with your config,
remove them.
# READ_IN_CALLBYCALL_SECRETS

# INBOUND CONNECTIONS
#client hostname <password> 192.168.1.1

# If you add "auth login -chap +pap" to
/etc/mgetty+sendfax/login.config,
# all users in /etc/passwd can use their password for
pap-authentication.
#
# Every regular user can use PPP and has to use passwords from
/etc/passwd
#* hostname ""
# UserIDs that cannot use PPP at all. Check your /etc/passwd and add any
# other accounts that should not be able to use pppd! Replace hostname
# with your local hostname.
#guest hostname "*" -
#master hostname "*" -
#root hostname "*" -
#support hostname "*" -
#stats hostname "*" -

#SuSEconfig.isdn entry
"user1" * "pwd1"
"user2" * "pwd2"

Bin für alle Tipps dankbar!
Matthias


< Previous Next >
Follow Ups