/etc/ppp/chap-secrets File
The CHAP database is implemented in the /etc/ppp/chap-secrets file. Machines on both sides of the PPP link must have each others' CHAP credentials in their /etc/ppp/chap-secrets files for successful authentication.
Note –
Unlike PAP, the shared secret must be in the clear on both peers. You cannot use crypt, PAM, or the PPP login option with CHAP.
The /etc/ppp/chap-secrets file has the following syntax.
Table 36–7 Syntax of /etc/ppp/chap-secrets|
Caller |
Server |
CHAP secret |
IP Addresses |
|---|---|---|---|
|
myclient |
myserver |
secret5748 |
* |
The parameters have the following meanings:
|
myclient |
CHAP user name of the caller. This name can be the same as or different from the caller's UNIX user name. |
|
myserver |
Name of the remote machine, often a dial-in server. |
|
secret5748 |
Caller's CHAP secret. Note – Unlike PAP passwords, CHAP secrets are never sent over the link. Rather, CHAP secrets are used when the local machines compute the response. |
|
IP address |
IP address that is associated with the caller. Use an asterisk (*) to indicate any IP address. |
- © 2010, Oracle Corporation and/or its affiliates