[afnog] PPP dial in on FreeBSD

antonio at nambu.uem.mz antonio at nambu.uem.mz
Fri Oct 29 15:17:43 EAT 2004


Thanks again all.
I have installed mgetty and configured only mgetty.conf to put the 
serial port. I have then configured ppp.conf and ppp.secrets and that 
was it. Simpler than I thought. 


On 28 Oct 2004 at 10:07, Brian Candler wrote:

> On Thu, Oct 28, 2004 at 10:32:27AM +0200, antonio at nambu.uem.mz wrote:
> > It is very useful the info, I have read it but I am still confused
> about the > getty and mgetty. After reading about it in the net it
> seems that mgetty > is the better choice but it seems it needs to be
> installed. I am possibly > going to try it but I am still confused
> about the connection between > PPP and mgetty.
> getty/mgetty is the program which produces the login: prompt, collects
> the username, and spawns the login program which in turn prompts for
> the password.
> You will see that you already have a number of getty processes already
> running on your system, for the virtual consoles (Alt-F1 to Alt-F8):
> $ ps auxwww | grep getty
> You can use the same program to produce a login prompt down a serial
> port. However it's a fairly dumb program; you will have to configure
> your modem into auto-answer mode. When the modem answers a call, it
> raises DCD, and this should be enough to trigger a login prompt from
> getty. However there are a number of potential pitfalls; in particular
> you should be careful that your modem has its serial port *fixed* to a
> particular bit rate, say 38400bps, to match what getty is using. How
> you do this depends very much on the modem type.
> mgetty works a bit differently if I remember rightly: it uses a chat
> script. It looks for the message "RING" from the modem, sends "ATA" to
> tell it to answer, then waits for "CONNECT". This works very well
> because sending the "ATA" command ensures that the modem's serial port
> sets itself to the same speed as mgetty is using. Also, if you should
> decide to disable mgetty for any reason (e.g. system is down for
> maintenance), then the phone will not be answered.
> mgetty is available in ports. Use the usual approach to install:
> # cd /usr/ports/comms/mgetty+sendfax
> # make all install clean
> Or perhaps there is a binary package on your install CD or set of CDs.
> Then use pkg_info -L mgetty\* to see what files were installed,
> including documentation.
> Now, that gets you as far as allowing someone to dial in with a
> terminal program and login with a system username/password. You can
> then set up an account whose login shell starts a ppp session.
> However, the client would have to use a login script to be able to
> connect and start ppp on the server.
> Fortunately, mgetty has a second useful feature: ppp autosense. Using
> that, if the client program starts sending ppp LCP packets, mgetty
> will automatically start pppd without the user having to login. In
> that case, pppd becomes responsible for authenticating the connection
> via PAP or CHAP. Typically you put your ppp usernames and passwords in
> pap-secrets or chap-secrets, or you can probably point pppd at a
> RADIUS server.
> This works well, and means you don't need to create any system
> accounts for your dialin PPP users.
> Hope this makes sense... a bit of googling should fill in the details
> for you.
> Regards,
> Brian.

More information about the afnog mailing list