ppp.Auth(4)ppp.Auth(4)NAMEppp.Auth - PPP authentication file format
DESCRIPTION
The file contains values used by HP PPP's implementation of the link-
level authentication protocols, (and (This implementation of both CHAP
and PAP conforms to RFC 1334,
CHAP is a stronger authentication mechanism and should be used whenever
possible, in preference over PAP.
Format
Each authentication specification is on its own single line of up to
1023 characters. Comments begin with a and extend to the end of the
line; blank lines, or lines beginning with a are ignored. Fields are
separated by horizontal white space (blanks or tabs).
If is using CHAP authentication, the first word on the line must match
the peer's Name as received in a CHAP Challenge or Response packet and
the second word is used for the Secret. If is using PAP authentica‐
tion, the first word on the line must match the in a transmitted or
received PAP Authenticate-Request packet and the second word is used
for the Password. The default value used for the Name in transmitted
CHAP packets or for the Peer-ID in transmitted PAP packets is the host‐
name(1) of the machine is running on.
In the midst of the Name/Peer-ID and Secret/Password strings, ^x is
translated into the appropriate control character before matching, and
represents the character corresponding to the octal number xxx. Other
special sequences are:
Matches a space character (ASCII 0x20).
Matches a horizontal tab character (ASCII 0x09).
Matches a line feed character (ASCII 0x0a).
Matches a carriage return character (ASCII 0x0d).
The fields have the following meaning:
name The Name field of a sent or received CHAP Challenge or
Response message, or the Peer-ID field of a sent or
received PAP Authenticate-Request message. For trans‐
mitted packets, this is the hostname unless overridden
by the option.
secret The secret word that the peer also knows.
optional address restrictions
A set of zero or more patterns restricting the
addresses that we will allow to be used with the named
peer. Patterns are separated by spaces or tabs and
are parsed from left to right. Each pattern may begin
with an exclamation mark to indicate that the follow‐
ing pattern should not be allowed. The rest of the
pattern consists of digits and periods, and optionally
a leading or trailing asterisk, which will match any‐
thing. If none of the patterns match, then the
address will be allowed if the last pattern began with
an exclamation point, and will be disallowed other‐
wise.
This optional address restriction feature is available
only for IPv4 addresses.
EXAMPLES
The following provides with a secret for use when a peer claims to be
other-host, robin, or "Jack's machine".
SECURITY CONCERNS
The file should be mode 600 or 400, and owned by root.
AUTHOR
was developed by the Progressive Systems.
SEE ALSOpppd(1), ppp.Devices(4), ppp.Dialers(4), ppp.Filter(4), ppp.Keys(4),
ppp.Systems(4), services(4).
RFC 792, RFC 1332, RFC 1334, RFC 1548.
ppp.Auth(4)