Return to BSD News archive
Path: euryale.cc.adfa.oz.au!newshost.anu.edu.au!harbinger.cc.monash.edu.au!news.rmit.EDU.AU!news.unimelb.EDU.AU!munnari.OZ.AU!news.mel.connect.com.au!news.mira.net.au!inquo!news.uoregon.edu!vixen.cso.uiuc.edu!howland.reston.ans.net!newsfeed.internetmci.com!news.itjit.ad.jp!news.iij.ad.jp!news.CET.CO.JP!usenet From: Michael Hancock <michaelh@cet.co.jp> Newsgroups: comp.unix.bsd.bsdi.misc Subject: Re: Plans for CHAP/PPP in BSDI? Date: Wed, 19 Jun 1996 10:56:12 +0900 Organization: CET Lines: 31 Message-ID: <31C75E3C.41C67EA6@cet.co.jp> References: <4p533b$6qm@agate.nbnet.nb.ca> <31C5A3B1.616@cet.co.jp> <31C4F08A.41C67EA6@cet.co.jp> <4q61co$d0l@agate.nbnet.nb.ca> NNTP-Posting-Host: chaos.cet.co.jp Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Mailer: Mozilla 3.0b4 (X11; I; FreeBSD 2.2-CURRENT i386) Lance Cavener wrote: >> Commercial PPP packages such as MorningStar still require using a scheme > >> like Pusername if your terminal server serves both shell and PPP. > > >More background... I think BSDI chose to use the 'Pusername' scheme for > >the same reasons 'Uusername' or 'Usitename' is often used for UUCP logins. > >It differentiates the PPP connection from the e-mail account; allows both > >type of connections to authenticate using Unix login; and using capital > >letters prevents the account from receiving mail which you usually don't > >want. > > Yeah but because it has a capitol letter in the username that user > cannot read his/her mail - so what good is that? 2 accounts for one > person? ;P This has to do with how Unix authenticates and authorizes dialup connections. A program called getty listens on a port and displays a login prompt when it detects a user. It accepts a userid and launches a program called login which displays a password prompt. If the password is ok then login starts up a shell. For PPP to work within this scheme, the PPP account is setup to have the PPP deamon as its shell. This is why if you want to allow both shell access and PPP access you need 2 accounts. You can get around this by modifying how getty works. You can modify it to display a prompt, wait for a character and then either detect PPP or a userid depending on what the character is. If getty detects PPP then startup PPP with PAP/CHAP authentication instead of the Unix login program. -mh