Solved

Setting up PPP dial-in server WITH script

Posted on 1997-12-06
5
325 Views
Last Modified: 2012-05-04
I want to provide PPP to dialin users, using a login script. I'm running mgetty+sendfax 1.1.9 with AutoPPP enabled, and this works. To let Win311 users dial in as well, I want to let them login as Pusernam, followed by the password. I do not want to let them login and issue a command afterwards, because most of the users already have a loginscript that works in the manner mentioned above. Mgetty has the option to detect a capital in front of the username, for instance to provide UUCP services. Problem is that pppd isn't able to ask a user for his password like UUCICO can. So what I need is probably some modified login binary, which strips the 'P', asks for the password, and starts PPP instead of the regular shell mentioned in /etc/password. Ofcourse, this shell _should_ be started if the username doesn't start with a 'P'..
0
Comment
Question by:alexbik
  • 3
  • 2
5 Comments
 
LVL 1

Expert Comment

by:hno
ID: 1587040
Set up special PPP login accounts with pppd as login shell. The users can then do a normal login, but instead of getting a shell promt PPP is automatically started.



0
 
LVL 2

Author Comment

by:alexbik
ID: 1587041
Hi hno,

I cannot give the users ppp as a shell, because of two reasons:
1) The users who cannot use PAP already have loginscripts that work in the above described manner,

2) Users who dial in already have a shell that I do not want to replace, because it gives them the option to change their passwords.

I _do_ have a solution at this moment (that's why I do not want to change the way things work, because it would mean that all users will have to change their loginscripts) but it uses a login binary which is patched by someone to implement this feature. Since I do not trust this person to be one of the greatest programmers (understatement of the year), I am not convinced this provides a high level of security..

Alex.
0
 
LVL 2

Author Comment

by:alexbik
ID: 1587042
Hi hno,

I cannot give the users ppp as a shell, because of two reasons:
1) The users who cannot use PAP already have loginscripts that work in the above described manner,

2) Users who dial in already have a shell that I do not want to replace, because it gives them the option to change their passwords.

I _do_ have a solution at this moment (that's why I do not want to change the way things work, because it would mean that all users will have to change their loginscripts) but it uses a login binary which is patched by someone to implement this feature. Since I do not trust this person to be one of the greatest programmers (understatement of the year), I am not convinced this provides a high level of security..

Alex.
0
 
LVL 1

Accepted Solution

by:
hno earned 100 total points
ID: 1587043
What I ment is that you create new accounts for the users, in parallell with the existing shell accounts, but with a P in front of the user name. This special account uses pppd as shell but has the same UID,GID,HOME as the regular shell login.

But if you only want to use one account (easier to maintain and only one password for shell and PPP login), then you have to use a different login program. If you do not want to write a new one from scratch you can use a small wrapper around /bin/login

-------------------------------
#!/bin/sh
IFS=
PPP=1 exec /bin/login -p ${1#P}
-------------------------------
and then check for PPP in /etc/profile or similar place, and if set do "exec pppd".

if [ -n "$PPP" ]; then
  exec pppd
fi

0
 
LVL 2

Author Comment

by:alexbik
ID: 1587044
Sorry I didn't repy earlier.
Thanks.
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

I have seen several blogs and forum entries elsewhere state that because NTFS volumes do not support linux ownership or permissions, they cannot be used for anonymous ftp upload through the vsftpd program.   IT can be done and here's how to get i…
Note: for this to work properly you need to use a Cross-Over network cable. 1. Connect both servers S1 and S2 on the second network slots respectively. Note that you can use the 1st slots but usually these would be occupied by the Service Provide…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…
This video demonstrates how to create an example email signature rule for a department in a company using CodeTwo Exchange Rules. The signature will be inserted beneath users' latest emails in conversations and will be displayed in users' Sent Items…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now