Continued from Page 1
Notice that this points to a file called /etc/ppp/ppplogin, we need
to create this one. It’s a small file that has the following contents:
#!/bin/sh
mesg n
tty -echo
/usr/sbin/pppd silent auth -chap +pap login
Save the file and make it executable:
chmod +x /etc/ppp/ppplogin
Now create or update the /etc/ppp/options file:
-detach
modem
lock
crtscts
asyncmap 0
netmask 255.255.255.0
proxyarp
ms-dns
In the above replace with the IP address of your
LAN’s DNS server. In our case, the machine 192.168.1.15 acts as our DNS, so we used:
ms-dns 192.168.1.15
Create another file /etc/ppp/options.ttyS0 and add the following to
it:
:
For example, we used ws120.cmil.com:192.168.1.200
The hostname can be had by running the hostname command. You could
also look into the /etc/HOSTNAME file. The second address is allocated to the remote
system. Any unused IP address on your network should do.
Also remember to set PPPD as SUID root as it configures a network
interface and manipulates kernel routing tables. All this requires special privileges. To
do this, run the command:
# chmod +s /usr/sbin/pppd
Finally, let’s update the PAP authentication database. This is
simple, we are going to validate users against the standard /etc/passwd, so all you need
to do is edit the file /etc/ppp/pap-secrets, and add one line for every IP address you are
going to allocate to a dial-in connection. In our setup, /etc/ppp/pap-secrets looks like
this:
# Secrets for authentication using
PAP
# client server secret IP addresses
* * "" 192.168.1.200
You might add more lines that are identical to the last one shown
above, one for every IP address you’ll be using.
Page(s) 1 2 3 |
| 
