X-Git-Url: http://git.ozlabs.org/?p=ppp.git;a=blobdiff_plain;f=pppd%2Fpppd.8;h=339dde77d569a6859bf6e8b5b107004912235f29;hp=e468994d3dc746ecaa9196f13f32046b4011a67c;hb=19872c62b8c5c5f77a4db07e52852f6bd22d4f75;hpb=31ddd664422b6cbe1b38b1e0d4cdcbae444e0667 diff --git a/pppd/pppd.8 b/pppd/pppd.8 index e468994..339dde7 100644 --- a/pppd/pppd.8 +++ b/pppd/pppd.8 @@ -1,5 +1,5 @@ .\" manual page [] for pppd 2.4 -.\" $Id: pppd.8,v 1.59 2002/01/11 18:04:37 etbe Exp $ +.\" $Id: pppd.8,v 1.65 2002/09/20 06:53:19 fcusack Exp $ .\" SH section heading .\" SS subsection heading .\" LP paragraph @@ -191,7 +191,7 @@ except that qualifiers which are inappropriate for a PPP link, such as \fBether\fR and \fBarp\fR, are not permitted. Generally the filter expression should be enclosed in single-quotes to prevent whitespace in the expression from being interpreted by the shell. This option -is currently only available under NetBSD, and then only +is currently only available under NetBSD or Linux, and then only if both the kernel and pppd were compiled with PPP_FILTER defined. .TP .B allow-ip \fIaddress(es) @@ -561,6 +561,10 @@ control, as for the \fIcrtscts\fR option. Enables the use of PPP multilink; this is an alias for the `multilink' option. This option is currently only available under Linux. .TP +.B mppe-stateful +Allow MPPE to use stateful mode. Stateless mode is still attempted first. +The default is to disallow stateful mode. +.TP .B mpshortseq Enables the use of short (12-bit) sequence numbers in multilink headers, as opposed to 24-bit sequence numbers. This option is only @@ -703,6 +707,18 @@ peer is buggy. Disables the use of PPP multilink. This option is currently only available under Linux. .TP +.B nomppe +Disables MPPE (Microsoft Point to Point Encryption). This is the default. +.TP +.B nomppe-40 +Disable 40\-bit encryption with MPPE. +.TP +.B nomppe-128 +Disable 128\-bit encryption with MPPE. +.TP +.B nomppe-stateful +Disable MPPE stateful mode. This is the default. +.TP .B nompshortseq Disables the use of short (12-bit) sequence numbers in the PPP multilink protocol, forcing the use of 24-bit sequence numbers. This @@ -853,6 +869,14 @@ to \fIname\fR. With this option, pppd will not agree to authenticate itself to the peer using CHAP. .TP +.B refuse-mschap +With this option, pppd will not agree to authenticate itself to the +peer using MS-CHAP. +.TP +.B refuse-mschap-v2 +With this option, pppd will not agree to authenticate itself to the +peer using MS-CHAPv2. +.TP .B refuse-pap With this option, pppd will not agree to authenticate itself to the peer using PAP. @@ -861,6 +885,28 @@ peer using PAP. Require the peer to authenticate itself using CHAP [Challenge Handshake Authentication Protocol] authentication. .TP +.B require-mppe +Require the use of MPPE (Microsoft Point to Point Encryption). This +option disables all other compression types. This option enables +both 40\-bit and 128\-bit encryption. In order for MPPE to successfully +come up, you must have authenticated with either MS-CHAP or MS-CHAPv2. +This option is presently only supported under Linux, and only if your +kernel has been configured to include MPPE support. +.TP +.B require-mppe-40 +Require the use of MPPE, with 40\-bit encryption. +.TP +.B require-mppe-128 +Require the use of MPPE, with 128\-bit encryption. +.TP +.B require-mschap +Require the peer to authenticate itself using MS-CHAP [Microsft Challenge +Handshake Authentication Protocol] authentication. +.TP +.B require-mschap-v2 +Require the peer to authenticate itself using MS-CHAPv2 [Microsft Challenge +Handshake Authentication Protocol, Version 2] authentication. +.TP .B require-pap Require the peer to authenticate itself using PAP [Password Authentication Protocol] authentication. @@ -1012,7 +1058,8 @@ pppd will not agree to authenticate itself with a particular protocol if it has no secrets which could be used to do so. .LP Pppd stores secrets for use in authentication in secrets -files (/etc/ppp/pap-secrets for PAP, /etc/ppp/chap-secrets for CHAP). +files (/etc/ppp/pap-secrets for PAP, /etc/ppp/chap-secrets for +CHAP/MS-CHAP/MS-CHAPv2). Both secrets files have the same format. The secrets files can contain secrets for pppd to use in authenticating itself to other systems, as well as secrets for pppd to use when authenticating other @@ -1490,7 +1537,8 @@ script. .B /var/run/ppp\fIn\fB.pid \fR(BSD or Linux), \fB/etc/ppp/ppp\fIn\fB.pid \fR(others) Process-ID for pppd process on ppp interface unit \fIn\fR. .TP -.B /var/run/ppp-\fIname\fB.pid \fR(BSD or Linux), \fB/etc/ppp/ppp-\fIname\fB.pid \fR(others) +.B /var/run/ppp-\fIname\fB.pid \fR(BSD or Linux), +\fB/etc/ppp/ppp-\fIname\fB.pid \fR(others) Process-ID for pppd process for logical link \fIname\fR (see the \fIlinkname\fR option). .TP @@ -1500,8 +1548,8 @@ file should be owned by root and not readable or writable by any other user. Pppd will log a warning if this is not the case. .TP .B /etc/ppp/chap-secrets -Names, secrets and IP addresses for CHAP authentication. As for -/etc/ppp/pap-secrets, this file should be owned by root and not +Names, secrets and IP addresses for CHAP/MS-CHAP/MS-CHAPv2 authentication. +As for /etc/ppp/pap-secrets, this file should be owned by root and not readable or writable by any other user. Pppd will log a warning if this is not the case. .TP