Home | Fedora Core 4 Tutorial | Linux Tutorials | Linux Games | Linux Java | Linux Kernal | Linux Firewall | Linux Database | Linux Distributions | Linux Firewall GUI | Linux Distributions | Linux Firewall

 

 

Search Host

Monthly Fee($)
Disk Space (MB)
Register With us for Newsletter!
Visit Forum! Post Questions!
Jobs At RoseIndia.net!

Have tutorials?
Add your tutorial to our Java Resource and get tons of hits.

We offer free hosting for your tutorials. and exposure for thousands of readers. drop a mail
roseindia_net@yahoo.com 
   

Tutorials

Java Server Pages

JAXB

Java Beans

JDBC

MySQL

Java Servlets

Struts

Bioinformatics

Java Code Examples

Interview Questions
 
Join For Newsletter

Powered by groups.yahoo.com
Visit Group! Post Questions!

Web Promotion

Web Submission

Submit Sites

Manual Submission?

Web Promotion Guide

Hosting Companies

Web Hosting Guide

Web Hosting

Linux

Beginner Guide to Linux Server

Linux Distribution

Major Linux Distribution

Linux FTP Software

Frameworks

Persistence Framework

Web Frameworks

Free EAI Tools

Web Servers

Aspect Oriented Programming

Free Proxy Servers

Softwares

Adware & Spyware Remover

Open Source Softwares
Next Previous Contents

4. Note about authentication

When you connect to an Internet Services Provider, it is usually necesary that you send an username and a password. This can be accomplished using several methods; the exact method that you use is determined by your provider.

Added to the three shown options, you can use a link without authentication, (generally when the remote end is also yours).

4.1 Username and password - Login and password prompts.

Actually, this is not an usual authentication method to access the Internet through an ISP.

Identification is made before pppd is started, and it is the dialer, usually chat, who sends the login name and the password. This data is sent in plaintext, so this method should not be considered secure.

An example script for chat where you can see how to specify username and password to be sent before running pppd would look something like this: 

ABORT BUSY
ABORT "NO CARRIER"
ABORT VOICE
ABORT "NO DIALTONE" 
ABORT "NO ANSWER"
"" ATZ
OK ATDT_TelephoneNumber_
CONNECT \d\c
ogin _Username_
assword _Password_

The last 2 lines define username and password, and when to send it (after receiving «ogin» and «assword» respectively. The chat script only needs to see parts of the words «login» and «password» and so we don't check the first letter of each. This is so that we don't need to worry about uppercase/lowercase characters.

Suppose that this script is called provider, and it is saved into the /etc/chatscripts directory. Then, you can run it with: 

/usr/sbin/chat -v -f /etc/chatscripts/provider

4.2 PAP - Password Authentication Protocol

If the provider you are using requires PAP as the authentication protocol, during the LCP negotiation in PPP this protocol will be asked to use this protocol. When the phone call is connected after using chat, pppd is started. In this scenario, pppd will send the username and the password, which it will look for in the /etc/ppp/pap-secrets file. This file must have read and write permissions only for root only, so that nobody else can read the passwords inside it.

PAP is not very secure, as the password is sent in plaintext, so can be read by somebody that monitors your transmission line.

Simple example of /etc/ppp/pap-secrets: 

_Username_ * _Password_

4.3 CHAP - Challenge Authentication Protocol

If the provider you are using requires CHAP as the authentication protocol, during the LCP negotiation in PPP this protocol will be asked to use this protocol. When the phone call is connected after using chat, pppd is started. In this scenario, pppd will send the username and the password, which it will look for in the /etc/ppp/chap-secrets file. This file must have read and write permissions only for root only, so that nobody else can read the passwords inside it.

CHAP is more secure than PAP, as the password is never sent through the transmission line in plaintext. The authentication server sends a random identifier (the challenge), that the client must encrypt with its password, and then send back to the server.

Simple example of /etc/ppp/chap-secrets: 

_Username_ * _Password_

Sometimes an ISP uses PAP and other times CHAP, so it is common to define your username and password in both files.

Next Previous Contents
Search Tutorials

Linux Distributions

Fedora
Slackware
SuSe
Mandrake
Knoppix
Mepis
Debian
All Distors....
 

 

 

Send your comments, Suggestions or Queries regarding this site at roseindia_net@yahoo.com.

Copyright © 2004. All rights reserved.