Re: ppp 2.4.3 cvs authentication issue

All of lore.kernel.org
 help / color / mirror / Atom feed

From: carlsonj@workingcode.com
To: linux-ppp@vger.kernel.org
Subject: Re: ppp 2.4.3 cvs authentication issue
Date: Thu, 28 Oct 2004 15:00:24 +0000	[thread overview]
Message-ID: <16769.2440.831660.368734@carlson.workingcode.com> (raw)
In-Reply-To: <20041028124517.7204.qmail@web25210.mail.ukl.yahoo.com>

a b writes:
> sent [CCP ConfReq id=0x1 <mppe +H -M +S -L -D -C>]

You ask for MPPE.

> rcvd [CCP ConfReq id=0x1 <deflate 15> <deflate(old#)
> 15> <bsd v1 15>]

The peer asks for the usual suite of freely-available compression
algorithms, but does *NOT* ask for MPPE.

> MPPE required but peer negotiation failed
> sent [LCP TermReq id=0x2 "MPPE required but peer
> negotiation failed"]

Two problems: (1) what I consider to be a design bug in MPPE, as it
should not just shut down, but should try to negotiate first and (2)
peer that is either misconfigured or just doesn't support MPPE.

> 2. you're saying that "the peer apparently isn't
> configured to use MPPE."

Yes.

> My question is: is there something to do on the client
> side in order to ask for a mppe authentication ?

MPPE isn't authentication; it's encryption.

According to the pppd(8) man page:

     nomppe
          Disables MPPE (Microsoft Point  to  Point  Encryption).
          This is the default.
[...]
     require-mppe
          Require the use  of  MPPE  (Microsoft  Point  to  Point
          Encryption).   This  option disables all other compres-
          sion  types.   This  option  enables  both  40-bit  and
          128-bit  encryption.  In order for MPPE to successfully
          come up, you must have authenticated  with  either  MS-
          CHAP  or MS-CHAPv2.  This option is presently only sup-
          ported under Linux, and only if your  kernel  has  been
          configured to include MPPE support.

In other words, I think the peer needs this configuration option as
well in order to use MPPE.

-- 
James Carlson                                 <carlsonj@workingcode.com>

next prev parent reply	other threads:[~2004-10-28 15:00 UTC|newest]

Thread overview: 15+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2004-10-28 12:45 ppp 2.4.3 cvs authentication issue a b
2004-10-28 12:54 ` carlsonj
2004-10-28 13:10 ` a b
2004-10-28 13:45 ` a b
2004-10-28 14:08 ` carlsonj
2004-10-28 14:52 ` a b
2004-10-28 15:00 ` carlsonj [this message]
2004-10-28 15:33 ` a b
2004-10-28 15:41 ` carlsonj
2004-10-28 15:52 ` a b
2004-10-28 15:57 ` carlsonj
2004-10-28 16:04 ` Bill Unruh
2004-10-28 16:07 ` Bill Unruh
2004-10-28 16:10 ` Bill Unruh
2004-10-28 17:01 ` a b

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=16769.2440.831660.368734@carlson.workingcode.com \
    --to=carlsonj@workingcode.com \
    --cc=linux-ppp@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.