In a message of  Shaun Gamble (3:640/375) wrote:

Hi Shaun,

 AS>>     The docs for PPP are a bit hazy, and I'm not sure how the PAP
 AS>> gets sent or what to do in the ppp.dial script once the connection
 AS>> has been established.

 SG> Ahhhhh! :-) Ignore my netmail on this subject then :-) Your script
 SG> needs to be able to select from the menu and present the approriate
 SG> login and password. Mind you, this isn't the same PPP that Dave
 SG> Freeman's been having problems with is it?

As far as I can determine, PPP comes in three basic flavours of increasing
'security' of connection.

The first level provides no security checking at all.  It assumes that some
other medium has checked a username and password to ensure that you are you
and just starts the PPP protocol to handle the comms for you.

The next level up, and slightly more 'secure', is PAP handshaking. PAP
handshaking provides for exchange of a username and password as part of the
protocol negotiation.  In theory this means that you don't need to provide
any sort of login script or anything like that, you just connect and start
PPP and the two ends exchange all the login details through PPP.  I've seen
this work in practice and it's pretty nice to not need to bother with login
scripts or anything like that (between a Win95 dial-up and a linux server).

The highest level of 'security' is CHAP handshaking.  At this level much of
the data transfered during the handshake is apparently encrypted in some
way.  This is the one that my local provider in Longreach is using. 
Unfortunately, they don't seem to have enabled it as a direct login - you
still need to login with username and password and then start PPP and hand
over to it.

To me it seems that there's really little need for anything more than the
first level - you really don't get more secure by going to PAP or CHAP when
you still provide them with the underlying username and password that you
have been provided with.  PAP is pretty cool when it's allowed to do the
whole connection thing though.  IMHO CHAP is a waste of time and an example
of paranoia overtaking practicality - particularly when CHAP is by no means
well supported by the various dial-up PPP drivers around the place (Trumpet
Winsock doesn't support it at all, Amiga's PPP only has it in the
registered version and even then doesn't seem to work well with PPP links
sometimes...).

  //  CYA,
\X/ Dave ;-)

... You're Never Alone With Schizophrenia.         

---