linux – pppd“同行拒绝认证”

前端之家收集整理的这篇文章主要介绍了linux – pppd“同行拒绝认证”前端之家小编觉得挺不错的,现在分享给大家,也给大家做个参考。
我有一个正在运行的pptpd pppd服务器,它目前有两个成功连接的 Windows 7客户端.但是,当我尝试连接一个 Linux客户端时,我得到一个非常奇怪的交换,以服务器端和客户端端的“peer refused authenticate”结尾.

这是来自服务器的日志:

pppd[8205]: using channel 51
pppd[8205]: sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0x20b0750f> <pcomp> <accomp>]
pppd[8205]: rcvd [LCP ConfRej id=0x1 <auth chap MS-v2>]
pppd[8205]: sent [LCP ConfReq id=0x2 <asyncmap 0x0> <magic 0x20b0750f> <pcomp> <accomp>]
pppd[8205]: rcvd [LCP ConfAck id=0x2 <asyncmap 0x0> <magic 0x20b0750f> <pcomp> <accomp>]
pppd[8205]: rcvd [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0x23d6bed3> <pcomp> <accomp>]
pppd[8205]: sent [LCP ConfNak id=0x1 <auth pap>]
pppd[8205]: rcvd [LCP ConfReq id=0x2 <asyncmap 0x0> <magic 0x23d6bed3> <pcomp> <accomp>]
pppd[8205]: sent [LCP ConfAck id=0x2 <asyncmap 0x0> <magic 0x23d6bed3> <pcomp> <accomp>]
pppd[8205]: sent [LCP EchoReq id=0x0 magic=0x20b0750f]
pppd[8205]: sent [LCP TermReq id=0x3 "peer refused to authenticate"]
pppd[8205]: rcvd [LCP EchoReq id=0x0 magic=0x23d6bed3]
pppd[8205]: rcvd [LCP TermReq id=0x3 "peer refused to authenticate"]
pppd[8205]: sent [LCP TermAck id=0x3]
pppd[8205]: rcvd [LCP TermAck id=0x3]
pptpd[8204]: CTRL: Reaping child PPP[8205]

这是来自客户端的日志:

pppd[12077]: pppd options in effect:
pppd[12077]: debug               # (from command line)
pppd[12077]: holdoff 10          # (from /etc/ppp/peers/home1)
pppd[12077]: persist             # (from /etc/ppp/peers/home1)
pppd[12077]: dump                # (from command line)
pppd[12077]: require-mschap-v2           # (from /etc/ppp/peers/home1)
pppd[12077]: refuse-pap          # (from /etc/ppp/peers/home1)
pppd[12077]: refuse-mschap               # (from /etc/ppp/peers/home1)
pppd[12077]: name <redacted>          # (from /etc/ppp/peers/home1)
pppd[12077]: remotename <redacted>             # (from /etc/ppp/peers/home1)
pppd[12077]:             # (from /etc/ppp/options)
pppd[12077]: pty pptp <redacted> --nolaunchpppd                # (from /etc/ppp/peers/home1)
pppd[12077]: crtscts             # (from /etc/ppp/options)
pppd[12077]:             # (from /etc/ppp/options)
pppd[12077]: asyncmap 0          # (from /etc/ppp/options)
pppd[12077]: lcp-echo-failure 4          # (from /etc/ppp/options)
pppd[12077]: lcp-echo-interval 30                # (from /etc/ppp/options)
pppd[12077]: hide-password               # (from /etc/ppp/options)
pppd[12077]: proxyarp            # (from /etc/ppp/options)
pppd[12077]: nobsdcomp           # (from /etc/ppp/peers/home1)
pppd[12077]: nodeflate           # (from /etc/ppp/peers/home1)
pppd[12077]: nomppe              # (from /etc/ppp/peers/home1)
pppd[12077]: noipx               # (from /etc/ppp/options)
pppd[12078]: pppd 2.4.5 started by <redacted>,uid 0
pppd[12078]: using channel 12
pppd[12078]: Using interface ppp0
pppd[12078]: Connect: ppp0 <--> /dev/pts/14
pptp[12079]: anon log[main:pptp.c:314]: The synchronous pptp option is NOT activated
pptp[12086]: anon log[ctrlp_rep:pptp_ctrl.c:251]: Sent control packet type is 1 'Start-Control-Connection-Request'
pptp[12086]: anon log[ctrlp_disp:pptp_ctrl.c:739]: Received Start Control Connection Reply
pptp[12086]: anon log[ctrlp_disp:pptp_ctrl.c:773]: Client connection established.
pppd[12078]: sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0x23d6bed3> <pcomp> <accomp>]
pptp[12086]: anon log[ctrlp_rep:pptp_ctrl.c:251]: Sent control packet type is 7 'Outgoing-Call-Request'
pptp[12086]: anon log[ctrlp_disp:pptp_ctrl.c:858]: Received Outgoing Call Reply.
pptp[12086]: anon log[ctrlp_disp:pptp_ctrl.c:897]: Outgoing call established (call ID 0,peer's call ID 1920).
pppd[12078]: rcvd [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0x20b0750f> <pcomp> <accomp>]
pppd[12078]: No auth is possible
pppd[12078]: sent [LCP ConfRej id=0x1 <auth chap MS-v2>]
pppd[12078]: rcvd [LCP ConfReq id=0x2 <asyncmap 0x0> <magic 0x20b0750f> <pcomp> <accomp>]
pppd[12078]: sent [LCP ConfAck id=0x2 <asyncmap 0x0> <magic 0x20b0750f> <pcomp> <accomp>]
pppd[12078]: sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0x23d6bed3> <pcomp> <accomp>]
pppd[12078]: rcvd [LCP ConfNak id=0x1 <auth pap>]
pppd[12078]: sent [LCP ConfReq id=0x2 <asyncmap 0x0> <magic 0x23d6bed3> <pcomp> <accomp>]
pppd[12078]: rcvd [LCP ConfAck id=0x2 <asyncmap 0x0> <magic 0x23d6bed3> <pcomp> <accomp>]
pppd[12078]: sent [LCP EchoReq id=0x0 magic=0x23d6bed3]
pppd[12078]: peer refused to authenticate: terminating link
pppd[12078]: sent [LCP TermReq id=0x3 "peer refused to authenticate"]
pppd[12078]: rcvd [LCP EchoReq id=0x0 magic=0x20b0750f]
pppd[12078]: rcvd [LCP TermReq id=0x3 "peer refused to authenticate"]
pppd[12078]: sent [LCP TermAck id=0x3]
pppd[12078]: rcvd [LCP TermAck id=0x3]
pppd[12078]: Connection terminated.

我对这些行感到困惑(来自服务器日志):

pppd[8205]: sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0x20b0750f> <pcomp> <accomp>]
pppd[8205]: rcvd [LCP ConfRej id=0x1 <auth chap MS-v2>]
pppd[8205]: sent [LCP ConfReq id=0x2 <asyncmap 0x0> <magic 0x20b0750f> <pcomp> <accomp>]
pppd[8205]: rcvd [LCP ConfAck id=0x2 <asyncmap 0x0> <magic 0x20b0750f> <pcomp> <accomp>]
pppd[8205]: rcvd [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0x23d6bed3> <pcomp> <accomp>]
pppd[8205]: sent [LCP ConfNak id=0x1 <auth pap>]
pppd[8205]: rcvd [LCP ConfReq id=0x2 <asyncmap 0x0> <magic 0x23d6bed3> <pcomp> <accomp>]

如果我正确读取,服务器请求mschap-v​​2 auth,那么客户端拒绝(为什么?);在此之后客户端请求mschap-v​​2 auth,然后服务器拒绝pap(wtf?),导致两个对等体都没有使用auth并且连接失败.

有人可以了解这里发生的事情吗?

解决方法

弄清楚了.

问题是在客户端给pppd提供了“auth”和“require-mschap-v​​2”选项.显然,只有服务器端必须配置为请求身份验证,客户端配置为不请求任何类型的身份验证.发生的事情是客户端要求服务器验证自己,但失败了.

原文链接:https://www.f2er.com/linux/396699.html

猜你在找的Linux相关文章