diff options
Diffstat (limited to 'pppd/srp-entry.8')
| -rw-r--r-- | pppd/srp-entry.8 | 83 |
1 files changed, 0 insertions, 83 deletions
diff --git a/pppd/srp-entry.8 b/pppd/srp-entry.8 deleted file mode 100644 index 097281a..0000000 --- a/pppd/srp-entry.8 +++ /dev/null @@ -1,83 +0,0 @@ -.\" manual page [] for srp-entry -.\" $Id: srp-entry.8,v 1.2 2004/11/13 12:22:49 paulus Exp $ -.\" SH section heading -.\" SS subsection heading -.\" LP paragraph -.\" IP indented paragraph -.\" TP hanging label -.TH SRP-ENTRY 8 -.SH NAME -srp\-entry \- Generate a SRP\-SHA1 Server Entry -.SH SYNOPSIS -.B srp\-entry -[ -.I \-i index -] [ -.I clientname -] -.SH DESCRIPTION -.LP -This utility generates an entry suitable for use in the -/etc/ppp/srp\-secrets file on a PPP EAP SRP\-SHA1 authenticator -("server"). This file has the same basic layout as the other pppd(8) -authentication files, /etc/ppp/pap\-secrets and /etc/ppp/chap\-secrets. -Thus, the entry generated has at least four main fields separated by -spaces. The first field is the authenticatee ("client") name. The -second is the server name. The third is the secret. The fourth is -the allowed (or assigned) IP address for the client, and defaults to -"*". Additional fields can contain additional IP addresses or pppd -options; see pppd(8) for details. -.LP -The third field has three subfields, separated by colons. The first -subfield is the index of the modulus and generator from SRP's -/etc/tpasswd.conf. The special value 0 is used to represent the -well-known modulus and generator specified in the EAP SRP\-SHA1 draft. -The second subfield is the password validator. The third is the -password salt. These latter two values are encoded in base64 notation. -.SH OPTIONS -.TP -.I \-i <index> -Specifies the modulus/generator index in /etc/tpasswd.conf. In order -to use this option, you will need to run the "tconf" utility from the -SRP package to generate local entries for this file. Note that if -these values are not known to the client, the client will be forced to -run time-consuming safety tests on the values used. For this reason, -using the well-known values is recommended. -.TP -.I <clientname> -Specifies the client name. The password validator is a hashed -combination of the client's name and password, and both are required. -If the client name is not supplied on the command line, srp\-entry will -prompt for the client name first. -.SH FILES -.TP -.B /etc/ppp/srp\-secrets -Usernames, passwords and IP addresses for SRP authentication. This -file should be owned by root and not readable or writable by any other -user. Pppd will log a warning if this is not the case. Note that -srp\-entry does not write to this file. The user is responsible for -copying the output of srp\-entry into this file. -.TP -.B /etc/tpasswd.conf -Indexed copies of tested modulus/generator combinations; part of the -SRP package. -.SH SEE ALSO -.TP -pppd(8) -.TP -.B RFC2284 -Blunk, L., Vollbrecht, J., -.I PPP Extensible Authentication Protocol (EAP). -March 1998. -.TP -.B draft\-ietf\-pppext\-eap\-srp\-03.txt -Carlson, J., et al., -.I EAP SRP\-SHA1 Authentication Protocol. -July 2001. -.TP -.B RFC2945 -Wu, T., -.I The SRP Authentication and Key Exchange System -September 2000. -.SH AUTHOR -James Carlson (james.d.carlson@sun.com) |