Configuring PPP for Dial-In

Configuring PPP for Dial-In

Like SLIP, PPP requires an entry in /etc/passwd in order to log in. The user ID and group ID must both be zero (0). Instead of the shell specified at the end of a normal entry in /etc/passwd, PPP uses the command /usr/etc/ppp. To allow the system caesar.salad.com to log in as "ppp-caesar," dial-in.salad.com should have this line in /etc/passwd:

ppp-caesar:3RsB768WRAN2.:0:0:PPP for caesar:/:/usr/etc/ppp

An entry like this one is necessary for each station that calls in by using PPP. For maximum system security, the home directory for PPP accounts should be writable only by the superuser. Using open directories such as /tmp exposes your system to a variety of threats.

Note: The encrypted password in the example does not represent a real password. You must use passwd to set the password for the PPP login. See the passwd(1) reference page for information on using passwd. If the default parameters are acceptable, you don't even need an entry in /etc/ppp.conf for a client. You may want to add a minimal entry, such as this:

ppp-caesar in remotehost=caesar.salad.com

Note: You should never use the add-route keyword by itself on a server system.