Re: PPP LCP: timeout

From: Moe Trin (ibuprofin_at_painkiller.example.tld)
Date: 08/23/04 

Date: Mon, 23 Aug 2004 16:57:17 -0500

In article <pan.2004.08.23.00.06.29.158964@no.spam>, Aiehce wrote:
>Is this mean ISPs sharing points where you dial in, and distinguish each
>users by portion of username?

With most ISPs, authentication isn't done _directly_ on the box that
you are dialing into. Instead, there is an authentication server that
is isolated for security, and it has all of the usernames and passwords.

On the box you are dialing into, it looks at the username, and MAY make
a decision which authentication server to ask. Thus, if you dial in to
Level3.net, there server will see your '123456789@earthlink.net' username
and pass it (and the password you sent) to the Earthlink authentication
server. Another person from Compuserve or Prodigy, or MSN.net (all of
which use contracted service points), would have a different type of
username, and authentication data is passed to the appropriate
auythentication server. The remote authentication server then replies to
the box you are logging in on, with a Success or Fail message, and
things continue from there. In this way, Earthlink (or Compuserve, or
Prodigy, or MSN) keeps their authentication data in one place, rather
than duplicated onto the servers at every place where you can dial in.

>And what do you mean by not looking for a login prompt? -_-a;; (in
>Script file?)

If you look at the documentation that comes with pppd, or in the PPP-HOWTO
(or ISP-Hookup-HOWTO), you will see the chat script looking for a login
prompt. For example:

   #!/bin/sh
   #
   # This is part 2 of the ppp-on script. It will perform the connection
   # protocol for the desired connection.
   #
   exec chat -v \
        TIMEOUT 3 \
        ABORT '\nBUSY\r' \
        ABORT '\nNO ANSWER\r' \
        ABORT '\nRINGING\r\n\r\nRINGING\r' \
        '' \rAT \
        'OK-+++\c-OK' ATH0 \
        TIMEOUT 30 \
        OK ATDT$TELEPHONE \
        CONNECT '' \
        ogin:--ogin: $ACCOUNT \
        assword: $PASSWORD

That's the file 'ppp-on-dialer' from the pppd package. Notice how this looks
for something that says 'ogin:' (meaning it will accept 'Login:' or 'login:'.
This got you into a shell login on the server, and that should have started
the pppd application there. Unfortunetly, when Microsoft invented the
telephone (or was it the internet) in 1995, their program wouldn't handle
such a scripted connection. Most ISPs follow the demands of Microsoft, and
changed the way their servers are configured, so as to use RFC1334
authentication (PAP).

>Very similar to what I configured, except few additional options I have in
>'options'

I've been using that script for about 8 years now.

>> I dunno, maybe about 100K of bloat?
>I really dont' get it, kppp supposed to use pppd, too.

Yes, kppp is a replacement for /usr/sbin/chat - amoung other things. It's
just a very bloated front end or 'wrapper' application.

>I really need know how to log more than 'debug' option. I need
>more information

Bill Unruh's web page (the ubc.ca/ppp-linux.html web page I referenced)
tells all about that.

On Mon, 23 Aug 2004 04:31:36 GMT, you added:

>Got it!
>Problem was pppscript
>Using AT&F1 instead of AT&F0 fixed the trouble(I'm using USR external).

THAT'S why I always recommend reading the modem manual ;-)

from the on-line help available from many USR modems

&Fn n=0 Load Factory 0, no FC
      n=1 Load Factory 1, HW FC
      n=2 Load Factory 2, SW FC

FC = flow control. The data was getting corrupted because you were
not using flow control.

        Old guy

Relevant Pages

  • Re: How to make integrated auth fallback to Basic
    ... membership of server in a "domain" says nothing about transitivity. ... What happens if you have two domains, A and B, and username C exists in both ... like David). ... Windows Authentication because the protocol is secured against that. ...
    (microsoft.public.inetserver.iis.security)
  • Re: OWA (Outlook Web Access) Domain Problem
    ... You will need to have SSL setup on your Server to secure your ... username and passwords when Authenticating to your OWA Server. ... > I see that "Windows Integrated Authentication" is ... >> log him in correctly to OWA without the internal domain being specified. ...
    (microsoft.public.exchange2000.admin)
  • Re: Mail::SendEasy defaulting to localhost?
    ... Trying to put together a simple script that sends out email via my SMTP ... You do have a SMTP server running locally by default. ... which logs into your ISP's Mailserver with authentication. ...
    (comp.lang.perl.misc)
  • Re: Smartcard authentication in a multi-tier application
    ... side where the user enters the username and password and on the server ... implementation as we need the domain username and password of the PIN- ... since SC authentication on the Windows client results in a Kerberos ... bootstrapped a secure authentication mechanism using Kerb and PKInit ...
    (microsoft.public.platformsdk.security)
  • Re: Access Shared Printer??
    ... shares) on other domain member computers (centralized user account ... defined as a local printer that is shared is called the server. ... at the client computer with the username and password that is common to ... This command will use the ServerUserName to do an "authentication" on the ...
    (microsoft.public.win2000.printing)