[Oberon] PPP - PAP & CHAP

Charles Angelich cangelich at famvid.com
Sun Aug 11 15:36:36 CEST 2002 

>Message: 2
>Date: Sat, 10 Aug 2002 15:18:32 +0100
>From: Paul Reed <paulreed at paddedcell.com>
>To: oberon at inf.ethz.ch
>Subject: [Oberon] PPP - PAP and CHAP
>Reply-To: oberon at inf.ethz.ch
>
>Ghost in the Machine wrote:
>
>> I have my modem working but did find that my ISP wants CHAP authentication
>> and not PAP as I had thought.  I've apparently been lucky.  I've setup DOS,
>> Windows 3.1, NewDeal, Linux, and others assuming they should do PAP and
>> somehow managed to get all of them to connect to my ISP. :-|
>
>Careful!  Do you mean RFC1994 CHAP (the standard) or
>the Microsoft-perverted CHAP (of which there is more
>than one version!).  And what hash function do
>they want you to use (MD5 etc.)?
>
>If your ISP definitely only supports CHAP then it
>may be that they don't really know what they're
>doing and they are just using Microsoft kit or 
>plug and play routers.  They may, on the other 
>hand, know EXACTLY what they are doing.  It just 
>makes me suspicious.

The words to an old song come to mind "Hello darkness my old friend,
I've come to dance with you again." ;-)

I appreciate the information but if you consider that I am
able to use DOS, Windows 3.1, NewDeal, and Linux PPP routines
to connect to this ISP then I would have to think whatever
they require is not so very complex that Oberon should be
unable to do it along with the other OS.

>By the way, some experts say there are no clear 
>advantages to using CHAP instead of PAP on a 
>dial-up; it's not necessarily more secure, despite 
>what the standard might say.  Both have weaknesses.

Ask them if they would take the time to add to Oberon's
PPP for me - OK?

>If you still have a working Linux PPP setup, it's
>worth using it to find out PRECISELY what's going on.

I have a working Oberon PPP it just can't authenticate.
I can run about 5 minutes of logs here using Oberon with
many requests for CHAP acknowledgement and lots of packet
size negotiating going on in between. :-)

>There are two things you can do.  Firstly, you can
>turn on a great deal of logging to look at what 
>type of packets are being exchanged, and what
>protocols are being agreed on.

I did do that but am not intimately familiar with LCP
and other negotiations that must be acknowledged along
with CHAP authentication.

>Secondly, you can selectively disable PPP features
>to force the other side to select different protocols
>and features.

I was thinking the reverse, that something Oberon is
sending or not sending is causing the ISP to select CHAP
over PAP.  Even though the sys admin at the ISP has said
they only use CHAP she sounded quite young and I am willing
to entertain the possibility that she is not 100% correct.

I find it amusing that all the other OS mentioned will do
this authentication when many are quite old and seem very
minimal in construction yet they authenticate with this ISP.

>Welcome to the wonderful world of PPP!

As I said above "Hello Darkness my old friend, I've come to
dance with you again".

>Hope this helps

All information is useful eventually.  Thanks.



Charles Angelich

The Ghost in the Machine!

DOS and W31 Tech website:
http://www.undercoverdesign.com/dosghost

Stories, poems, music, and photos website:
http://www.undercoverdesign.com/dosghost/faf

More information about the Oberon mailing list