Building a Linux Dial-up Server, Part 2 - Page 2
You can use either PAP or CHAP for authentication, but CHAP is more secure. Username/passwords are stored in /etc/ppp/chap-secrets or /etc/ppp/pap-secrets. On the server, you'll need to enter all the username/password pairs that are allowed access. The clients need only their own username/password. For the simplest PAP authentication, add the 'noauth' option to /etc/ppp/options on all the clients that are authorized to connect to your dial-in server (see the PPPD Auth Gotcha from part 1 for more on this).
The format is the same for both, and supplying the username and password is sufficient:
user server secret address
username * password *
Of course, server names and IP addresses can be added for increased security and control.
Alternatively, you can do away with PAP/CHAP entirely by adding the following to /etc/ppp/options:
This will tell PPP to authenticate against Linux system passwords, rather than hassling with secrets files.
Good to Go
At this point, we have a functioning dial-in server that you can use for connecting to a fileserver, as a gateway to other PCs inside the network, or as a quick and easy WAN link. (See the Linux Network Administrator's Guide for how to set up routing using ip-up and ip-down).
Dial-on-Demand and Persistent Dialing are two useful methods of keeping a client connected:
This is the frugal way to manage a dialup connection. To activate dial-on-demand – when sending email, for example – add these lines to /etc/ppp/options:
'demand' means simply run on demand. PPP starts partway, and then waits for the 'connect' command.
'holdoff' sets, in seconds, how to long to wait between redials.
'idle' will disconnect ppp after the configured number of seconds of no activity on the line.
To keep the line alive constantly, add these lines to /etc/ppp/options:
This tells ppp to stay connected, and to redial after 60 seconds if the connection is broken.
That wraps up our two-part look at building dial-up and dial-in servers for Linux. I hope you've enjoyed it!