1#ident "%Z%%M% %I% %E% SMI" 2# 3# Copyright 2005 Sun Microsystems, Inc. All rights reserved. 4# Use is subject to license terms. 5# 6# CDDL HEADER START 7# 8# The contents of this file are subject to the terms of the 9# Common Development and Distribution License, Version 1.0 only 10# (the "License"). You may not use this file except in compliance 11# with the License. 12# 13# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 14# or http://www.opensolaris.org/os/licensing. 15# See the License for the specific language governing permissions 16# and limitations under the License. 17# 18# When distributing Covered Code, include this CDDL HEADER in each 19# file and include the License file at usr/src/OPENSOLARIS.LICENSE. 20# If applicable, add the following below this CDDL HEADER, with the 21# fields enclosed by brackets "[]" replaced with your own identifying 22# information: Portions Copyright [yyyy] [name of copyright owner] 23# 24# CDDL HEADER END 25# 26# Secrets for authentication using CHAP (Challenge Handshake Authentication 27# Protocol) are placed here. Each line is a separate entry and consists of 28# a list of space or tab separated tokens. 29# 30# client server secret [IP addresses ["--" options]] 31# 32# When authenticating to a peer (so-called "client mode;" as when dialing 33# out to an ISP), the "client" will be matched using the local name and 34# "server" will use the remote peer's name. CHAP does specify an 35# authenticator name, but some peers (such as Windows NT) do not provide 36# a peer name, and the "remotename <name>" option should then be used. 37# Typically, the "user <name>" option is also to specify the local name. 38# 39# When authenticating a peer (so-called "server mode;" as when allowing 40# dial-up access to this system), the remote peer's name is the "client" 41# and the local system name is the "server." In this case, the privileged 42# "name <name>" option is sometimes used to set the local name. The "user 43# <name>" option cannot be used. The remote peer's name comes from the 44# CHAP messages the peer sends. 45# 46# After the secret, which must always be clear text for CHAP, a list of 47# valid IP addresses for the peer appears. This must be present when 48# acting as a server. Usually, this is specified as "*" and actual IP 49# addresses are given in the options. If a given dial-in peer has an 50# allocated IP address ("static IP addressing"), then this address may 51# be given here. If there's exactly one address, then this will be sent 52# to the peer as a hint. 53# 54# The entry may also have extra options after a -- token. These are 55# interpreted as privileged pppd options, and may be used to enable 56# proxyarp or other optional features. 57