summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--usr.sbin/spppcontrol/spppcontrol.887
1 files changed, 49 insertions, 38 deletions
diff --git a/usr.sbin/spppcontrol/spppcontrol.8 b/usr.sbin/spppcontrol/spppcontrol.8
index 8c2bb7c486e..75bb8adeb69 100644
--- a/usr.sbin/spppcontrol/spppcontrol.8
+++ b/usr.sbin/spppcontrol/spppcontrol.8
@@ -1,3 +1,5 @@
+.\" $OpenBSD: spppcontrol.8,v 1.2 2000/10/17 19:06:31 aaron Exp $
+.\"
.\" Copyright (C) 1997 by Joerg Wunsch, Dresden
.\" All rights reserved.
.\"
@@ -43,7 +45,8 @@ driver might require a number of additional arguments or optional
parameters besides the settings that can be adjusted with
.Xr ifconfig 8 .
These are things like authentication protocol parameters, but also
-other tunable configuration variables. The
+other tunable configuration variables.
+The
.Nm
utility can be used to display the current settings, or adjust these
parameters as required.
@@ -53,8 +56,9 @@ For whatever intent
is being called, at least the parameter
.Ar ifname
needs to be specified, naming the interface for which the settings
-are to be performed or displayed. Use
-.Xr ifconfig 8 ,
+are to be performed or displayed.
+Use
+.Xr ifconfig 8
or
.Xr netstat 1
to see which interfaces are available.
@@ -63,7 +67,8 @@ If no other parameter is given,
.Nm
will just list the current settings for
.Ar ifname
-and exit. The reported settings include the current PPP phase the
+and exit.
+The reported settings include the current PPP phase the
interface is in, which can be one of the names
.Em dead ,
.Em establish ,
@@ -74,8 +79,8 @@ or
If an authentication protocol is configured for the interface, the
name of the protocol to be used, as well as the system name to be used
or expected will be displayed, plus any possible options to the
-authentication protocol if applicable. Note that the authentication
-secrets (sometimes also called
+authentication protocol if applicable.
+Note that the authentication secrets (sometimes called
.Em keys )
are not being returned by the underlying system call, and are thus not
displayed.
@@ -83,12 +88,13 @@ displayed.
If any additional parameter is supplied, superuser privileges are
required, and the command works in
.Ql set
-mode. This is normally done quietly, unless the option
+mode.
+This is normally done quietly, unless the option
.Fl v
is also enabled, which will cause a final printout of the settings as
-described above once all other actions have been taken. Use of this
-mode will be rejected if the interface is currently in any other phase
-than
+described above once all other actions have been taken.
+Use of this mode will be rejected if the interface is currently in any other
+phase than
.Em dead .
Note that you can force an interface into
.Em dead
@@ -108,13 +114,13 @@ The protocol name can be one of
or
.Ql none .
In the latter case, the use of an authentication protocol will be
-turned off for the named interface. This has the side-effect of
-clearing the other authentication-related parameters for this
-interface as well (i.e. system name and authentication secret will
-be forgotten).
+turned off for the named interface.
+This has the side effect of clearing the other authentication-related
+parameters for this interface as well (i.e., system name and authentication
+secret will be forgotten).
.It Ar myauthproto Ns \&= Ns Em protoname
Same as above, but only for my end of the link.
-I.e. this is the
+I.e., this is the
protocol when remote is authenticator, and I am the peer required to
authenticate.
.It Ar hisauthproto Ns \&= Ns Em protoname
@@ -122,16 +128,18 @@ Same as above, but only for his end of the link.
.It Ar myauthname Ns \&= Ns Em name
Set my system name for the authentication protocol.
.It Ar hisauthname Ns \&= Ns Em name
-Set his system name for the authentication protocol. For CHAP, this
-will only be used as a hint, causing a warning message if remote did
-supply a different name. For PAP, it's the name remote must use to
+Set his system name for the authentication protocol.
+For CHAP, this will only be used as a hint, causing a warning message if
+remote did supply a different name.
+For PAP, it's the name remote must use to
authenticate himself (in connection with his secret).
.It Ar myauthsecret Ns \&= Ns Em secret
Set my secret (key, password) for use in the authentication phase.
For CHAP, this will be used to compute the response hash value, based
-on remote's challenge. For PAP, it will be transmitted as plain text
-together with the system name. Don't forget to quote the secrets from
-the shell if they contain shell metacharacters (or white space).
+on remote's challenge.
+For PAP, it will be transmitted as plain text together with the system name.
+Don't forget to quote the secrets from the shell if they contain shell
+metacharacters (or whitespace).
.It Ar myauthkey Ns \&= Ns Em secret
Same as above.
.It Ar hisauthsecret Ns \&= Ns Em secret
@@ -141,27 +149,28 @@ needs to authenticate.
Same as above.
.It Ar callin
Require remote to authenticate himself only when he's calling in, but
-not when we are caller. This is required for some peers that do not
-implement the authentication protocols symmetrically (like Ascend
-routers, for example).
+not when we are caller.
+This is required for some peers that do not implement the authentication
+protocols symmetrically (like Ascend routers, for example).
.It Ar always
The opposite of
.Ar callin .
Require remote to always authenticate, regardless of which side is
-placing the call. This is the default, and will not be explicitly
-displayed in
+placing the call.
+This is the default, and will not be explicitly displayed in
.Ql list
mode.
.It Ar norechallenge
-Only meaningful with CHAP. Do not re-challenge peer once the initial
-CHAP handshake was successful. Used to work around broken peer
-implementations that can't grok being re-challenged once the
-connection is up.
+Only meaningful with CHAP.
+Do not re-challenge peer once the initial CHAP handshake was successful.
+Used to work around broken peer implementations that can't grok being
+re-challenged once the connection is up.
.It Ar rechallenge
With CHAP, send re-challenges at random intervals while the connection
-is in network phase. (The intervals are currently in the range of 300
-through approximately 800 seconds.) This is the default, and will not
-be explicitly displayed in
+is in network phase.
+(The intervals are currently in the range of 300 through approximately
+800 seconds.)
+This is the default, and will not be explicitly displayed in
.Ql list
mode.
.El
@@ -173,17 +182,19 @@ bppp0: phase=dead
hisauthproto=chap hisauthname="ifb-gw" norechallenge
.Ed
.Pp
-Display the settings for bppp0. The interface is currently in
+Display the settings for bppp0.
+The interface is currently in
.Em dead
-phase, i.e. the LCP layer is down, and no traffic is possible. Both
-ends of the connection use the CHAP protocol, my end tells remote the
+phase, i.e., the LCP layer is down, and no traffic is possible.
+Both ends of the connection use the CHAP protocol, my end tells remote the
system name
.Ql uriah ,
and remote is expected to authenticate by the name
.Ql ifb-gw .
Once the initial CHAP handshake was successful, no further CHAP
-challenges will be transmitted. There are supposedly some known CHAP
-secrets for both ends of the link which are not being shown.
+challenges will be transmitted.
+There are supposedly some known CHAP secrets for both ends of the link
+which are not being shown.
.Pp
.Bd -literal
# spppcontrol bppp0 \e