Return to BSD News archive
Path: euryale.cc.adfa.oz.au!newshost.anu.edu.au!harbinger.cc.monash.edu.au!simtel!news.sprintlink.net!news.netnet.net!usenet From: ellen@zekes.com (Ellen Zeke) Newsgroups: comp.unix.bsd.bsdi.misc Subject: Re: Question: 'passwd' and PPP accounts... Date: 22 Nov 1995 17:16:15 GMT Organization: Zekes General Store Lines: 60 Message-ID: <48vlsv$fp0@laslo.netnet.net> References: <jasonb-0911950917220001@jasonb.sckans.edu> <DHx96n.KMq@westonia.com> NNTP-Posting-Host: ellen.zekes.com Mime-Version: 1.0 X-Newsreader: WinVN 0.99.2 In article <DHx96n.KMq@westonia.com>, mark@email.icacomp.com says... > >jasonb@jinx.sckans.edu (jasonb) wrote: > >>I am playing with NetBSD 2.0.1 and am having trouble with the change >>passwd command. The system is set up with each >>user having two separate accounts -- one for shell access and the other >>for PPP access. The PPP account is the shell userid with a 'P' as a >>prefix (i.e. user "jasonb" logs in as "Pjasonb" for PPP access). This >>works slickly and drops the user directly into PPP after login, but one >>problem... > >Why would you use another account for PPP user? Let's say you have to >add SLIP support, are you going then to add third account for the user >to use SLIP? If you have 1000 users, it's a mess! > >Instead make one account with regular shell, and add this user to >/etc/ppp.sys file. Add him to netdial group and let him or his script >type ppp at the prompt and it'll initiate the PPP sesion! > >This way you have one account and shell/ppp/slip! > >Regards, >*--------------------------------ICA-Canada-On-Line---> >Toronto's lowest cost Internet Service Provider >Full SLIP account with 2hrs/day for as low as $149/year! >http://www.icacomp.com - telenet: 204.92.239.195 >voice: 905-281-3501 - data: 905-276-9894 > We were also doing the single account approach, and it works well for us, but we are going back to the dual account for new customers. The reason is that we do not charge for non-modem access, and so can quickly see modem time by looking at and sa of the Puser account, (a quick look at user tells us he is not cheating and dialing direct to the shell) The other reason we are establishing separate Puser accounts is that we are moving the dialins off the server and onto a new 12 port router/serial interface. This new box has a high speed processor for each 4 lines, and a fourth to handle PAP authorizations, it handles the complete ppp login and accounting, but has no way to do a shell. Packets from this box, BTW, can be routed directly to the ethernet, or any of the ports can be connected to a 56K or 128K digital line (even ISDN or Frame Relay) We plan on using this eventually for service in other dialing areas. After the new box is installed, i will need to figure out how to change passwords for users on that box... probably i will just do it manually on request... But for our accounts now, we can use this trick... the user uses the passwd command to change the password for user; then we copy the encrypted password to the Puser account using vipw. generally, tho i just run the passwd command from root, and the user gives me the new password on the phone... ever since the 60's there is no danger of me remembering it! *smile* Zeke zeke@zekes.com