Go to main content

Managing Serial Networks Using UUCP and PPP in Oracle® Solaris 11.4

Exit Print View

Updated: November 2020
 
 

Configuring PAP Authentication on Dial-Out Systems for Trusted Callers

This section contains tasks for setting up PAP authentication on the dial-out systems of trusted callers. As system administrator, you can set up PAP authentication on the systems before distribution to prospective callers. Or, if the remote callers already have their systems, you can give these callers the tasks in this section.

    Perform the following tasks when setting up PAP-related tasks for the dial-out system:

  1. Planning for Authentication on a Link – Collect user names and other data that is needed for authentication

  2. How to Configure PAP Authentication Credentials for the Trusted Callers – Create the security credentials for the trusted caller and, if necessary, security credentials for other users who call the dial-out system, in /etc/ppp/pap-secrets

  3. How to Add PAP Support to the PPP Configuration Files on Dial-Out Systems – Add options specific to PAP to the /etc/ppp/options and /etc/ppp/peers/peer-name files

How to Configure PAP Authentication Credentials for the Trusted Callers

This procedure shows how to set up PAP credentials for two trusted callers, one of which requires authentication credentials from remote peers. The steps in the procedure assume that you, the system administrator, are creating the PAP credentials on the trusted callers' dial-out systems.

  1. Become an administrator on the dial-out system.

    For more information, see Using Your Assigned Administrative Rights in Securing Users and Processes in Oracle Solaris 11.4.

    Using the sample PAP configuration that was introduced in Example of a PAP Authentication Scenario (Working From Home), assume that the dial-out system belongs to user1.

  2. Modify the pap-secrets database for the caller.

    This release provides an /etc/ppp/pap-secrets file that contains helpful comments but no options. You can add the following options to this /etc/ppp/pap-secrets file.

    user1    myserver  pass1    *

    Note that user1's password pass1 is passed in readable ASCII form over the link. myserver is caller user1's name for the peer.

  3. Become an administrator on the dial-out system.

    For more information, see Using Your Assigned Administrative Rights in Securing Users and Processes in Oracle Solaris 11.4.

    Using the PAP authentication example, assume that this dial-out system belongs to the caller user2.

  4. Modify the pap-secrets database for the caller.

    You can add the following options to the end of the existing /etc/ppp/pap-secrets file.

    user2     myserver   pass2       *
    myserver  user2      serverpass  *

    In this example, /etc/ppp/pap-secrets has two entries. The first entry contains the PAP security credentials that user2 passes to dial-in server myserver for authentication.

    user2 requires PAP credentials from the dial-in server as part of link negotiation. Therefore, the /etc/ppp/pap-secrets also contains PAP credentials that are expected from myserver on the second line.


    Note -  Because most ISPs do not supply authentication credentials, the preceding scenario might be unrealistic for communications with an ISP.

See Also

How to Create a PAP Credentials Database for a Dial-In Server