On Sat, 31 Jul 1999, Bill Studenmund wrote:

> > > pap-secrets:
> > > 0002119694863200685494000001 * passwd
> > > 
> > > the ISP says, PAP is necessary.
> > > bad networking conf?
> 
> That's got to be one of the goffiest secrets lines I've seen. :-)

I hate to ask what kind of system is on the other end...
 
> pap secrets are set up as "client_name server_name secret" where client is
> who's connecting to us, server is our name used in communication, and
> secret's the needed secret.
> 
> So the line you've got above requires that other-machine named
> 0002119694863200685494000001 has to supply you with pass word passwd. I
> doubt that's how your ISP expects things to work. :-)

I think I see what the problem is now. He sets "user 000..1", with the
intention of setting his machine name for authorization purposes to
same. Better, rather to use "name", so that the entry used from
pap-secrets matches the supplied (user)name. "name" implies "user".

Also, the man page says "noauth" is the default as long as there is a
secrets file at all, but that makes no sense to me. Why take chances?
Option "noauth" is so your local machine never requires a password
from the remote. This is secure, as long as you're doing the dialing.
Moreover, there's no way an isp is going to supply any password for
your machine whatsoever. Therefore, he should have:

name 0002119694863200685494000001
noauth

> > "debug" will show you the LCP negotations, including the pap stuff,
> > and so might provide a clue.