NAME
ppp.Auth — PPP authentication file format
DESCRIPTION
The file /etc/ppp/Auth contains values used by HP PPP's implementation of the link-level authentication protocols, CHAP (Challenge Handshake Authentication Protocol) and PAP (Password Authentication Protocol).
This implementation of both CHAP and PAP conforms to RFC 1334, PPP Authentication Protocols.
CHAP is a stronger authentication mechanism and should be used whenever possible, in preference to PAP.
Format
Each authentication specification is on its own single line of up to 1023 characters.
Comments begin with a # and extend to the end of the line; blank lines, or lines beginning with a #, are ignored.
Fields are separated by horizontal white space (blanks or tabs).
If pppd is using CHAP authentication, the first word on the line must match the peer's Name as received in a CHAP Challenge or Response packet and the second word is used for the Secret.
If pppd is using PAP authentication, the first word on the line must match the Peer-ID in a transmitted or received PAP Authenticate-Request packet and the second word is used for the Password.
The default value used for the Name in transmitted CHAP packets or for the Peer-ID in transmitted PAP packets is the hostname(1) of the machine pppd is running on.
In the midst of the Name/Peer-ID and Secret/Password strings, ^x is translated into the appropriate control character before matching, and \xxx represents the character corresponding to the octal number xxx.
Other special sequences are:
- \s
Matches a space character (ASCII 0x20).
- \t
Matches a horizontal tab character (ASCII 0x09).
- \n
Matches a line feed character (ASCII 0x0a).
- \r
Matches a carriage return character (ASCII 0x0d).
The fields have the following meaning:
- name
The Name field of a sent or received CHAP Challenge or Response message, or the Peer-ID field of a sent or received PAP Authenticate-Request message.
For transmitted packets, this is the hostname unless overridden by the pppd name option.
- secret
The secret word that the peer also knows.
- optional address restrictions
A set of zero or more patterns restricting the addresses that we will allow to be used with the named peer.
Patterns are separated by spaces or tabs and are parsed from left to right.
Each pattern may begin with an exclamation mark to indicate that the following pattern should not be allowed.
The rest of the pattern consists of digits and periods, and optionally a leading or trailing asterisk, which will match anything.
If none of the patterns match, then the address will be allowed if the last pattern began with an exclamation point, and will be disallowed otherwise.
This optional address restriction feature is available only for IPv4 addresses.
EXAMPLES
The following Auth provides pppd with a secret for use when a peer claims to be other-host, robin, or "Jack's machine".
#
# Auth - PPP authentication name/secret file
# Format:
#name secret optional address restrictions
other-host secret-key !137.175.9.2 137.175.9.*/0xffffff00
robin dK3ig8G8hs 137.175.11.4
Jack's\smachine I\sam\sa\sjelly\sdonut.
SECURITY CONCERNS
The file /etc/ppp/Auth should be mode 600 or 400, and owned by root.
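The following Python sketch is an added example, not part of HP PPP or of this manual page. It parses Auth entries as described under Format, decodes the escape sequences, and checks a file mode against the 600/400 requirement. The function names are hypothetical; treating the first # on a line as the start of a comment and reading ^x as conventional caret notation are assumptions.

```python
import re
import stat

# Escapes named on the page: \s \t \n \r, \xxx (octal), ^x (control character).
_NAMED = {"s": " ", "t": "\t", "n": "\n", "r": "\r"}
_ESCAPE = re.compile(r"\\([0-3][0-7]{2})|\\([stnr])|\^([@-_a-z?])")

def decode_field(raw):
    """Decode one Name/Peer-ID or Secret/Password field."""
    def repl(m):
        if m.group(1):                      # \xxx: three octal digits
            return chr(int(m.group(1), 8))
        if m.group(2):                      # \s, \t, \n, \r
            return _NAMED[m.group(2)]
        # ^x: assumed to be caret notation (^A = 0x01, ^? = 0x7f)
        return chr(ord(m.group(3).upper()) ^ 0x40)
    return _ESCAPE.sub(repl, raw)

def parse_auth(text):
    """Return a list of (name, secret, [address patterns]) tuples."""
    entries = []
    for lineno, line in enumerate(text.splitlines(), 1):
        if len(line) > 1023:
            raise ValueError(f"line {lineno}: longer than 1023 characters")
        # Assumption: the first '#' starts the comment; a literal '#'
        # inside a field would have to be written as \043.
        fields = line.split("#", 1)[0].split()
        if not fields:
            continue                        # blank or comment-only line
        if len(fields) < 2:
            raise ValueError(f"line {lineno}: name without a secret")
        entries.append((decode_field(fields[0]), decode_field(fields[1]),
                        fields[2:]))
    return entries

def mode_problems(st_mode):
    """Flag any permission bits other than the 600 or 400 the page requires."""
    perms = stat.S_IMODE(st_mode)
    if perms in (0o600, 0o400):
        return []
    return [f"mode {perms:04o}, expected 0600 or 0400"]

# Constructed sample, taken from the EXAMPLES section above.
SAMPLE = r"""# Auth - PPP authentication name/secret file
other-host secret-key !137.175.9.2 137.175.9.*/0xffffff00
robin dK3ig8G8hs 137.175.11.4
Jack's\smachine I\sam\sa\sjelly\sdonut.
"""
```

To audit a live file, pass os.stat("/etc/ppp/Auth").st_mode to mode_problems and confirm separately that st_uid is 0.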
AUTHOR
ppp.Auth was developed by Progressive Systems.