Why Use PPP Authentication?
Providing authentication on a PPP link is optional. Moreover, though authentication does verify that a peer is to be trusted, PPP authentication does not provide confidentiality of data. For confidentiality, use encryption software, such as IPsec, PGP, SSL, Kerberos, and the Solaris Secure Shell.
Note –
Solaris PPP 4.0 does not implement the PPP Encryption Control Protocol (ECP), which is described in RFC 1968.
Consider implementing PPP authentication in the following situations:
-
Your company accepts incoming calls from users over the public, switched telephone network.
-
Your corporate security policy requires remote users to provide authentication credentials when accessing your network through a corporate firewall or when engaging in secure transactions.
-
You want to authenticate callers against a standard UNIX password database, such as /etc/passwd, NIS, LDAP, or PAM. Use PAP authentication for this scenario.
-
Your company's dial-in servers also provide the network's Internet connection. Use PAP authentication for this scenario.
-
The serial line is less secure than the password database on the machine or networks at either end of the link. Use CHAP authentication for this scenario.
- © 2010, Oracle Corporation and/or its affiliates