Managing Serial Networks Using UUCP and PPP in Oracle® Solaris 11.2

Exit Print View

Updated: July 2014

How to Create a CHAP Credentials Database (Dial-in Server)

  1. Assemble a list that contains the user names of all trusted callers.

    Trusted callers include all people who have been granted permission to call the private network.

  2. Assign each user a CHAP secret.

    Note - Be sure to choose a good CHAP secret that is not easily guessed. No other restrictions are placed on the CHAP secret's contents.

    The method for assigning CHAP secrets depends on your site's security policy. Either you have the responsibility for creating the secrets, or the callers must create their own secrets. If you are not responsible for CHAP secret assignment, be sure to get the CHAP secrets that were created by, or for, each trusted caller.

  3. Become an administrator on the dial-in server.

    For more information, see Using Your Assigned Administrative Rights in Securing Users and Processes in Oracle Solaris 11.2 .

  4. Modify the /etc/ppp/chap-secrets file.

    This release includes an /etc/ppp/chap-secrets file that contains helpful comments but no options. You can add the following options for the server CallServe at the end of the existing /etc/ppp/chap-secrets file.

    account1  CallServe   key123   *
    account2  CallServe   key456   *

    key123 is the CHAP secret for trusted caller account1.

    key456 is the CHAP secret for trusted caller account2.

See also

The following list provides references to related information.