The PAP database is implemented in the /etc/ppp/pap-secrets file. Machines on both sides of the PPP link must have properly configured PAP credentials in their /etc/ppp/pap-secrets files for successful authentication. The caller (authenticatee) supplies credentials in the user and password columns of the /etc/ppp/pap-secrets file or in the obsolete +ua file. The server (authenticator) validates these credentials against information in /etc/ppp/pap-secrets, through the UNIX passwd database, or in the PAM facility.
The /etc/ppp/pap-secrets file has the following syntax.
myclient ISP-server mypassword * |
The parameters have the following meaning.
PAP user name of the caller. Often, this name is identical to the caller's UNIX user name, particularly if the dial-in server uses the login option of PAP.
Name of the remote machine, often a dial-in server.
Caller's PAP password.
IP address that is associated with the caller. Use an asterisk (*) to indicate any IP address.