Solved

Setting up PPP dial-in server WITH script

Posted on 1997-12-06
5
330 Views
Last Modified: 2012-05-04
I want to provide PPP to dialin users, using a login script. I'm running mgetty+sendfax 1.1.9 with AutoPPP enabled, and this works. To let Win311 users dial in as well, I want to let them login as Pusernam, followed by the password. I do not want to let them login and issue a command afterwards, because most of the users already have a loginscript that works in the manner mentioned above. Mgetty has the option to detect a capital in front of the username, for instance to provide UUCP services. Problem is that pppd isn't able to ask a user for his password like UUCICO can. So what I need is probably some modified login binary, which strips the 'P', asks for the password, and starts PPP instead of the regular shell mentioned in /etc/password. Ofcourse, this shell _should_ be started if the username doesn't start with a 'P'..
0
Comment
Question by:alexbik
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 1

Expert Comment

by:hno
ID: 1587040
Set up special PPP login accounts with pppd as login shell. The users can then do a normal login, but instead of getting a shell promt PPP is automatically started.



0
 
LVL 2

Author Comment

by:alexbik
ID: 1587041
Hi hno,

I cannot give the users ppp as a shell, because of two reasons:
1) The users who cannot use PAP already have loginscripts that work in the above described manner,

2) Users who dial in already have a shell that I do not want to replace, because it gives them the option to change their passwords.

I _do_ have a solution at this moment (that's why I do not want to change the way things work, because it would mean that all users will have to change their loginscripts) but it uses a login binary which is patched by someone to implement this feature. Since I do not trust this person to be one of the greatest programmers (understatement of the year), I am not convinced this provides a high level of security..

Alex.
0
 
LVL 2

Author Comment

by:alexbik
ID: 1587042
Hi hno,

I cannot give the users ppp as a shell, because of two reasons:
1) The users who cannot use PAP already have loginscripts that work in the above described manner,

2) Users who dial in already have a shell that I do not want to replace, because it gives them the option to change their passwords.

I _do_ have a solution at this moment (that's why I do not want to change the way things work, because it would mean that all users will have to change their loginscripts) but it uses a login binary which is patched by someone to implement this feature. Since I do not trust this person to be one of the greatest programmers (understatement of the year), I am not convinced this provides a high level of security..

Alex.
0
 
LVL 1

Accepted Solution

by:
hno earned 100 total points
ID: 1587043
What I ment is that you create new accounts for the users, in parallell with the existing shell accounts, but with a P in front of the user name. This special account uses pppd as shell but has the same UID,GID,HOME as the regular shell login.

But if you only want to use one account (easier to maintain and only one password for shell and PPP login), then you have to use a different login program. If you do not want to write a new one from scratch you can use a small wrapper around /bin/login

-------------------------------
#!/bin/sh
IFS=
PPP=1 exec /bin/login -p ${1#P}
-------------------------------
and then check for PPP in /etc/profile or similar place, and if set do "exec pppd".

if [ -n "$PPP" ]; then
  exec pppd
fi

0
 
LVL 2

Author Comment

by:alexbik
ID: 1587044
Sorry I didn't repy earlier.
Thanks.
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I have seen several blogs and forum entries elsewhere state that because NTFS volumes do not support linux ownership or permissions, they cannot be used for anonymous ftp upload through the vsftpd program.   IT can be done and here's how to get i…
Note: for this to work properly you need to use a Cross-Over network cable. 1. Connect both servers S1 and S2 on the second network slots respectively. Note that you can use the 1st slots but usually these would be occupied by the Service Provide…
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…

729 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question