?
Solved

Setting up PPP dial-in server WITH script

Posted on 1997-12-06
5
Medium Priority
?
334 Views
Last Modified: 2012-05-04
I want to provide PPP to dialin users, using a login script. I'm running mgetty+sendfax 1.1.9 with AutoPPP enabled, and this works. To let Win311 users dial in as well, I want to let them login as Pusernam, followed by the password. I do not want to let them login and issue a command afterwards, because most of the users already have a loginscript that works in the manner mentioned above. Mgetty has the option to detect a capital in front of the username, for instance to provide UUCP services. Problem is that pppd isn't able to ask a user for his password like UUCICO can. So what I need is probably some modified login binary, which strips the 'P', asks for the password, and starts PPP instead of the regular shell mentioned in /etc/password. Ofcourse, this shell _should_ be started if the username doesn't start with a 'P'..
0
Comment
Question by:alexbik
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 1

Expert Comment

by:hno
ID: 1587040
Set up special PPP login accounts with pppd as login shell. The users can then do a normal login, but instead of getting a shell promt PPP is automatically started.



0
 
LVL 2

Author Comment

by:alexbik
ID: 1587041
Hi hno,

I cannot give the users ppp as a shell, because of two reasons:
1) The users who cannot use PAP already have loginscripts that work in the above described manner,

2) Users who dial in already have a shell that I do not want to replace, because it gives them the option to change their passwords.

I _do_ have a solution at this moment (that's why I do not want to change the way things work, because it would mean that all users will have to change their loginscripts) but it uses a login binary which is patched by someone to implement this feature. Since I do not trust this person to be one of the greatest programmers (understatement of the year), I am not convinced this provides a high level of security..

Alex.
0
 
LVL 2

Author Comment

by:alexbik
ID: 1587042
Hi hno,

I cannot give the users ppp as a shell, because of two reasons:
1) The users who cannot use PAP already have loginscripts that work in the above described manner,

2) Users who dial in already have a shell that I do not want to replace, because it gives them the option to change their passwords.

I _do_ have a solution at this moment (that's why I do not want to change the way things work, because it would mean that all users will have to change their loginscripts) but it uses a login binary which is patched by someone to implement this feature. Since I do not trust this person to be one of the greatest programmers (understatement of the year), I am not convinced this provides a high level of security..

Alex.
0
 
LVL 1

Accepted Solution

by:
hno earned 300 total points
ID: 1587043
What I ment is that you create new accounts for the users, in parallell with the existing shell accounts, but with a P in front of the user name. This special account uses pppd as shell but has the same UID,GID,HOME as the regular shell login.

But if you only want to use one account (easier to maintain and only one password for shell and PPP login), then you have to use a different login program. If you do not want to write a new one from scratch you can use a small wrapper around /bin/login

-------------------------------
#!/bin/sh
IFS=
PPP=1 exec /bin/login -p ${1#P}
-------------------------------
and then check for PPP in /etc/profile or similar place, and if set do "exec pppd".

if [ -n "$PPP" ]; then
  exec pppd
fi

0
 
LVL 2

Author Comment

by:alexbik
ID: 1587044
Sorry I didn't repy earlier.
Thanks.
0

Featured Post

Veeam Task Manager for Hyper-V

Task Manager for Hyper-V provides critical information that allows you to monitor Hyper-V performance by displaying real-time views of CPU and memory at the individual VM-level, so you can quickly identify which VMs are using host resources.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I have seen several blogs and forum entries elsewhere state that because NTFS volumes do not support linux ownership or permissions, they cannot be used for anonymous ftp upload through the vsftpd program.   IT can be done and here's how to get i…
Note: for this to work properly you need to use a Cross-Over network cable. 1. Connect both servers S1 and S2 on the second network slots respectively. Note that you can use the 1st slots but usually these would be occupied by the Service Provide…
This course is ideal for IT System Administrators working with VMware vSphere and its associated products in their company infrastructure. This course teaches you how to install and maintain this virtualization technology to store data, prevent vuln…
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
Suggested Courses

649 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question