System Administration Guide: Network Services

ProcedureHow to Configure CHAP Authentication Credentials for the Trusted Callers

This procedure shows how to set up CHAP credentials for two trusted callers. The steps in the procedure assume that you, the system administrator, are creating the CHAP credentials on the trusted callers' dial-out machines.

  1. Become superuser on a dial-out machine or assume an equivalent role.

    Roles contain authorizations and privileged commands. For more information about roles, see Configuring RBAC (Task Map) in System Administration Guide: Security Services.

    Using the sample CHAP configuration in Example of a Configuration Using CHAP Authentication, assume that the dial-out machine belongs to trusted caller account1.

  2. Modify the chap-secrets database for caller account1.

    Solaris PPP 4.0 includes an /etc/ppp/chap-secrets file that has helpful comments but no options. You can add the following options to the existing /etc/ppp/chap-secrets file.


    account1  CallServe   key123   *
    

    CallServe is the name for the peer that account1 is trying to reach. key123 is the CHAP secret to be used for links between account1 and CallServer.

  3. Become superuser on another dial-out machine or assume an equivalent role.

    Roles contain authorizations and privileged commands. For more information about roles, see Configuring RBAC (Task Map) in System Administration Guide: Security Services.

    Assume that this machine belongs to caller account2.

  4. Modify the /etc/ppp/chap-secrets database for caller account2.


    account2  CallServe   key456   *
    

    Now, account2 has secret key456 as its CHAP credentials for use over links to peer CallServe.

See Also

The following list provides references to related information.