to my /etc/ppp/options file, so I can at least force a more secure login.
Randy Aeberhardt <> raeberhardt@tantalus-systems.com> > wrote:
Okay guys, here’s what I have done to date:
-
I had already modified “/etc/system/enum/include/net” and replaced
“pttcpip” with “ptcpip” and added “ppppmgr” (this starts io-net with
both
the -ptcpip and -ppppmgr flags at boot time). I also downloaded the
latest
“pppd” program from QNX’s website.
-
I created a file called “/etc/ppp/pap-secrets” with the following
contents:
(above sets * for client, * for server, “” for secret and * for IP
Address)
- Created a file called “/etc/ppp/options” with the following contents:
lock
-detach
modem
crtscts
proxyarp
asyncmap 0
- Created a file called “/etc/ppp/options.ser3” (my modem is /dev/ser3)
with the following contents:
10.1.1.21:10.1.1.30
(10.1.1.21 is the IP address of the server, 10.1.1.30 will be served up
to
the incoming client)
- Created a file called “/etc/answer” with the following contents (chat
script to auto answer modem):
RING ATA
CONNECT “”
- Created a script called “/etc/run_pppd” with the following contents
(needed since pppd terminates after every session):
while true
do
/usr/sbin/pppd debug defaultroute 10.1.1.21:10.1.1.30 57600 connect
‘chat -vv -f/etc/answer’ /dev/ser3
done
(note use of chat script to answer incoming call).
I can now use dialup networking from a Windows machine to connect to the
server. Once connected, I can run the internal web application by using
the
address: "> http://10.1.1.21/> ". I can also run ftp and telnet, even
phindows,
but the latter is very slow due to 28.8 connection speed (I am looking
into
ways to speed up the connection - I should be able to run 57,600).
Now, even though the above works and I can establish multiple
connections
(serially), I am not sure whether I have set up pppd correctly.
First, why does pppd terminate after each connection? Is this normal?
Yes, it is normal.
Second, using the chat script is okay, but it causes a timeout every 45
seconds (if you look at the pppd output, you see that the program exits
every 45 seconds). I know I can increase the timeout value in the
script,
but the help documentation doesn’t tell me what the max value is for
TIMEOUT. Isnt’ there a better way of doing this?
Well, I suspect it is chat timedout. See chat -t option. But I agree
it should be a better way. I would suggest tinit, but I seems remember
it is not ready in early RTP.
Finally, is the above secure? Does the configuration I am using cause
pppd
to verify the user name and password in /etc/passwd, or do I have to
configure the system differently?
Sorry, it is not secure. Anybody have the modem phone number could
connect in >
You should use “+pap” and “login” option. The first force client
(you windows box) authenticate itself. The seconde just tell pppd
check /etc/passwd instead of /etc/ppp/pap-secret.
-xtang
“Rodney Stevens” <> rodney.stevens@minerals.csiro.au> > wrote in message
news:a7o7rk$lk$> 1@inn.qnx.com> …
Randy
I have tried running the command line:
“pppd debug defaultroute 10.1.1.21:10.1.1.19 passive 57600 /dev/ser3”
but the program simply terminates and does not stay running. I run
sloginfo
with the default setup and no files are under /var/logs.
It would appear that you have done most things correctly, a good
resource
is
www.linuxdoc.org/HOWTO/PPP_HOWTO> . it has a chapter (15) on connection
files.
At a minimum you need a file /etc/ppp/options in which you could put
your
actual command line
then you only need to type pppd. This worked for me. To run debug you
need
the sylogd running, for this to run you need /etc/syslog.cfg and a file
called /var/log/syslog.
There are probably a bunch of configuration files that need to be
updated
in
order for pppd to work properly. I have no idea what they are, and
rather
than reading a lot of lengthy, detailed documents, I was wondering if
someone could point me to a quick primer or give me a quick list of
edits
that I must do to get a basic pppd server running under QNX.
I have found that if you want something to work it is better to have
some
knowledge of why it is working, otherwise when it stops working (as
everything does) you will find it much harder to find the answers in
the
lengthy detailed documentation.
Rod
\