Perform the following tasks when setting up PAP-related tasks for the dial-in server:
Planning for Authentication on a Link – Collect user names and other data that is needed for authentication
How to Create a PAP Credentials Database for a Dial-In Server – Ensure that all potential callers are in the server's password databas and create security credentials for them in /etc/ppp/pap-secrets
How to Add PAP Support to the PPP Configuration Files on a Dial-In Server – Add options specific to PAP to the /etc/ppp/options and /etc/ppp/peers/peer-name files
This procedure modifies the /etc/ppp/pap-secrets file, which contains the PAP security credentials that are used to authenticate callers on the link. /etc/ppp/pap-secrets must exist on both systems on a PPP link.
The sample PAP configuration that was introduced in Example of a PAP Authentication Scenario (Working From Home) uses the login option of PAP. If you plan to use this option, you might also need to update your network's password database. For more information about the login option, refer to Using the login Option With /etc/ppp/pap-secrets.
Trusted callers are people to be granted permission to call the dial-in server from their remote systems.
Do the following if a potential trusted caller does not have a UNIX user name and password:
For more information, see Using Your Assigned Administrative Rights in Securing Users and Processes in Oracle Solaris 11.4.
This release provides a pap-secrets file in /etc/ppp that contains comments about how to use PAP authentication but no options. You can add the following options at the end of the comments.
user1 myserver "" * user2 myserver "" * myserver user2 serverpass *
To use the login option of /etc/ppp/pap-secrets, you must type the UNIX user name of each trusted caller. Wherever a set of double quotes ("") appears in the third field, the password for the caller is looked up in the server's password database.
The entry myserver * serverpass * contains the PAP user name and password for the dial-in server. In Example of a PAP Authentication Scenario (Working From Home), the trusted caller user2 requires authentication from remote peers. Therefore, myserver's /etc/ppp/pap-secrets file contains PAP credentials for use when a link is established with user2.