/etc/ppp/chap-secrets File
The CHAP database is implemented in the /etc/ppp/chap-secrets file. Machines on both sides of the PPP link must have each others' CHAP credentials in their /etc/ppp/chap-secrets files for successful authentication.
Note –
Unlike PAP, the shared secret must be in the clear on both peers. You cannot use crypt, PAM, or the PPP login option with CHAP.
The /etc/ppp/chap-secrets file has the following syntax.
myclient myserver secret5748 * |
The parameters have the following meanings:
- myclient
-
CHAP user name of the caller. This name can be the same as or different from the caller's UNIX user name.
- myserver
-
Name of the remote machine, often a dial-in server.
- secret5748
-
Caller's CHAP secret.
Note –Unlike PAP passwords, CHAP secrets are never sent over the link. Rather, CHAP secrets are used when the local machines compute the response.
- *
-
IP address that is associated with the caller. Use an asterisk (*) to indicate any IP address.
- © 2010, Oracle Corporation and/or its affiliates