pppd: how to give different ip-adrs to different dial-in accounts

pppd: how to give different ip-adrs to different dial-in accounts

Post by Holger Marz » Wed, 23 Sep 1998 04:00:00



I run mgetty + pppd. Users authenticate via pap (/etc/ppp/pap-secrets).
They get an ip-address based on /etc/ppp/options.ttySx, but I'd like to
give them an ip-address based on their userid in pap-secrets.

I know I can add an ip-address in pap-secrets, but it's just one more
security thing, the dial-in account still gets the ip-address in
options.ttySx.

The ip-address based on the userid is neccessary. How can I achieve
this?

 
 
 

pppd: how to give different ip-adrs to different dial-in accounts

Post by Clifford Ki » Wed, 23 Sep 1998 04:00:00


You might try setting up a script for each user such as

#! /bin/sh
exec /usr/local/etc/pppd proxyarp /dev/ttySx  modem W.X.Y.S:W.X.Y.U

where W.X.Y.S and W.X.Y.U are the server and user IPs respectively,
and use it as the user's login shell in passwd.  (Add other pppd options
you feel are necessary.)

This isn't quite what you asked for but it should work if the PAP secret
is the same as the password.

===


>I run mgetty + pppd. Users authenticate via pap (/etc/ppp/pap-secrets).
>They get an ip-address based on /etc/ppp/options.ttySx, but I'd like to
>give them an ip-address based on their userid in pap-secrets.
>I know I can add an ip-address in pap-secrets, but it's just one more
>security thing, the dial-in account still gets the ip-address in
>options.ttySx.
>The ip-address based on the userid is neccessary. How can I achieve
>this?

--
Clifford Kite                                              Not a guru. (tm)


 
 
 

pppd: how to give different ip-adrs to different dial-in accounts

Post by Kalevi Hautanie » Thu, 24 Sep 1998 04:00:00


: I run mgetty + pppd. Users authenticate via pap (/etc/ppp/pap-secrets).
: They get an ip-address based on /etc/ppp/options.ttySx, but I'd like to
: give them an ip-address based on their userid in pap-secrets.

: I know I can add an ip-address in pap-secrets, but it's just one more
: security thing, the dial-in account still gets the ip-address in
: options.ttySx.

Leave out that statement from options.ttySx defining an ip. If you want an
user to get his/her personal options whatever they might be, define
default values in /etc/ppp/options and put those values you want to
override into $HOME/.ppprc. It can be, of course, root owned.

--
Kalevi J Hautaniemi,      Marjatankatu 12,     33730 Tampere,  FINLAND.
****  http://oh3tr.ele.tut.fi/~oh3fg/ ****  On air:  OH3FG, KO4BC  ****
tel:+358-3-364-7446    fax:+358-3-364-2476    mobile:+358-50-590-2243

 
 
 

1. wu-ftpd: how do I give different guestusers different overwriting permissions?

I have an ftp server set up on RH7.2 using the wu-ftpd rpm.  I need to
have a number of guestuser accounts, which I have gotten successfully
configured. However, these guest accounts need to have differing
permissions for things like renaming, deleting and overwriting files.
One specific example is that guestuser  "Authors" specifically needs
the ability to "overwrite" existing files in their area, but guestuser
"Reviewers" specifically needs to NOT have that ability.

The "overwrite" directive in /etc/ftpaccess allows you to specify
permissions two ways: by account type (real, guest, or anonymous), or
by different classes. Since both these accounts are guests, its seems
that rules out using the account type.

Its my understanding from the manpage that different classes are
defined by the source address.  However, both these accounts could be
accessed from a huge number of different places, and even from the
same place at different times.  So that looks to rule out class
differentiation.

It seems like this is a situation that must have come up before.  Has
anyone else solved it?  Is there something I'm missing or not
understanding?

2. panic

3. Can gnome give different background to different workspace?

4. 'tar uvf /dev/rmt/0' problem

5. ISO-9660 Rock Ridge gives different links different inums

6. fonts

7. How to give different users/groups different priorities?

8. pine

9. Same IP-adr. on two different interfaces

10. Automatic dial to different ISPs at different times

11. Apache: different access for different IP's

12. Using different IP Names for different Unix apps.

13. OnDemand ijppp: different phone numbers for different ip addresses