# PPPoE+pppd+CHAP = Bad Password? (Solved, ISP's fault)

## d0lby

Hiya - been trying to get this to work, gotten over a lot of stumbling blocks, but this time I've really hit a brick wall + I'm really tired...

To summerize, I've gotten to the point where I'm getting Bad Password errors, My ISP (woosh) can also see these errors. Because they use CHAP they cannot see what password I'm trying to authenticate with, only that it is wrong.

My first gues is to to double check what pppd is using as my password which it uses as apart of the encryption. I tried show-password but this only shows your password when using PAP.

I'm stuck... I'm about 80% certain I'm using the correct username and password, as I've logged into the website using it, and also checked with the help desk.

Here's some config files:

```

# /etc/conf.d/net.ppp0:

# $Header: /home/cvsroot/gentoo-src/rc-scripts/etc/conf.d/net.ppp0,v 1.3 2002/11/18 19:39:22 azarah Exp $

                                                                                                                                       

# Config file for /etc/init.d/net.ppp0

                                                                                                                                       

                                                                                                                                       

PEER="provider"                   # Define peer (aka ISP)

DEBUG="yes"                      # Turn on debugging

PERSIST="yes"                    # Redial after being dropped

ONDEMAND="no"                   # Only bring the interface up on demand?

MODEMPORT="eth0"          # TTY device modem is connected to

LINESPEED=""              # Speed pppd should try to connect at

INITSTRING=""                   # Extra init string for the modem

DEFROUTE="no"                  # Must pppd set the default route?

HARDFLOWCTL="no"               # Use hardware flow control?

ESCAPECHARS="yes"               # Use escape caracters ?

PPPOPTIONS=""                   # Extra options for pppd

USERNAME="username@provider"    # The PAP/CHAP username

PASSWORD="password"               # Your password/secret.  Ugly I know, but i

                                # will work on something more secure later

                                # on.  700 permission on /etc/init.d/net.ppp0

                                # should be enouth for now.

NUMBER=""                # The telephone number of your ISP

REMIP=""                        # The ip of the remote box if it should be set

NETMASK=""                      # Netmask

IPADDR=""                       # Our IP if we have a static one

MRU="1480"                       # Sets the MRU

MTU="1480"                       # Sets the MTU

RETRYTIMEOUT="6"               # Retry timeout for when ONDEMAND="yes" or

                                # PERSIST="yes"

IDLETIMEOUT="600"               # Idle timeout for when ONDEMAND="yes"

PEERDNS="no"                    # Should pppd set the peer dns?

                                                                                                                                       

# This does not currently work due to a bug in pppd (I think)

FWSCRIPT="/etc/init.d/firewall" # Optional FW script that pppd should start

                                # and stop when the link comes up or drop.

                                # It should be a script that takes one

                                # argument, namely the action that should

                                # be taken (start|stop).  The name of the

                                # external interface on which the firewall

                                # should be activated, should be hardcoded

                                # into the script (you will tipically have

                                # fw.ppp0, fw.ppp1, etc if you have more than

                                # one ppp interface).

                                #

                                # called: ${FWSCRIPT} [start|stop]

                                                                                                                                       

AUTOCFGFILES="yes"              # By default this scripts will generate

                                # /etc/ppp/chat-isp, /etc/ppp/chap-secrets,

                                # /etc/ppp/pap-secrets and /etc/ppp/peers/isp

                                # automagically.  Set to "no" if you experience

                                # problems, or need specialized scripts.  You

                                # will have to create these files by hand then.

                                # Also, the FWSCRIPT feature will not work.

                                                                                                                                       

                                                                                                                                       

# Directory where the templates is stored

TEMPLATEDIR=/etc/ppp

```

```

#cat chap-secrets

username@provider.co.nz provider "password"

```

```

mog ppp # cat options

plugin pppoe.so

lock

```

Here's what's called by init.d/net.ppp0 start

```

/usr/sbin/pppd lock debug persist holdoff 6 asyncmap 00000000 mru 1480 mtu 1480 user username@provider remotename provider eth0 ipparam ppp0 linkname ppp0 call provider noauth hide-password

```

Here's the log:

```

Dec 16 11:28:20 mog pppd[7075]: pppd 2.4.1 started by root, uid 0

Dec 16 11:28:20 mog pppd[7075]: Sending PADI

Dec 16 11:28:20 mog pppd[7075]: HOST_UNIQ successful match

Dec 16 11:28:21 mog pppd[7075]: HOST_UNIQ successful match

Dec 16 11:28:21 mog pppd[7075]: Got connection: 42

Dec 16 11:28:21 mog pppd[7075]: Connecting PPPoE socket: 00:01:d8:58:0a:08 4200 eth0 0x808c590

Dec 16 11:28:21 mog pppd[7075]: using channel 129

Dec 16 11:28:21 mog pppd[7075]: Using interface ppp0

Dec 16 11:28:21 mog pppd[7075]: Connect: ppp0 <--> eth0

Dec 16 11:28:21 mog pppd[7075]: Couldn't increase MTU to 1500.

Dec 16 11:28:21 mog pppd[7075]: Couldn't increase MRU to 1500

Dec 16 11:28:21 mog pppd[7075]: sent [LCP ConfReq id=0x1 <mru 1480> <magic 0x9268d11a>]

Dec 16 11:28:21 mog pppd[7075]: rcvd [LCP ConfReq id=0x1 <mru 1480> <auth chap MD5> <magic 0x15f3c8eb>] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

Dec 16 11:28:21 mog pppd[7075]: sent [LCP ConfAck id=0x1 <mru 1480> <auth chap MD5> <magic 0x15f3c8eb>]

Dec 16 11:28:21 mog pppd[7075]: rcvd [LCP ConfAck id=0x1 <mru 1480> <magic 0x9268d11a>] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

Dec 16 11:28:21 mog pppd[7075]: cbcp_lowerup

Dec 16 11:28:21 mog pppd[7075]: want: 2

Dec 16 11:28:21 mog pppd[7075]: rcvd [CHAP Challenge id=0x1 <c8138f0fab1a82cdc387a8cbc2cbe65f>, name = "akl-sky-ipw-lns2"] 00

Dec 16 11:28:21 mog pppd[7075]: sent [CHAP Response id=0x1 <17b275c19ccaf00059fc4a3654ae7619>, name = "username@provider"]

Dec 16 11:28:21 mog pppd[7075]: rcvd [CHAP Failure id=0x1 "Bad Password"] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

Dec 16 11:28:21 mog pppd[7075]: Remote message: Bad Password

Dec 16 11:28:21 mog pppd[7075]: CHAP authentication failed

Dec 16 11:28:21 mog pppd[7075]: cbcp_lowerdown

Dec 16 11:28:21 mog pppd[7075]: Couldn't increase MTU to 1500.

Dec 16 11:28:21 mog pppd[7075]: Couldn't increase MRU to 1500

Dec 16 11:28:21 mog pppd[7075]: sent [LCP TermReq id=0x2 "Failed to authenticate ourselves to peer"]

Dec 16 11:28:24 mog pppd[7075]: sent [LCP TermReq id=0x3 "Failed to authenticate ourselves to peer"]

Dec 16 11:28:27 mog pppd[7075]: Connection terminated.

Dec 16 11:28:27 mog pppd[7075]: Doing disconnect

Dec 16 11:28:29 mog pppd[7075]: Terminating on signal 15.

Dec 16 11:28:29 mog pppd[7075]: Exit.

```

Any help or suggestions would be hugely apreciated!

Thanks!Last edited by d0lby on Tue Dec 16, 2003 1:06 am; edited 1 time in total

----------

## d0lby

Sorry about my initial post! It was uuuuugly! Was in a hurry and didn't realise....

BTW, if i do a 'dryrun' this is what i get:

```

mog root # /usr/sbin/pppd lock debug persist holdoff 6 asyncmap 00000000 mru 1480 mtu 1480 user username@provider remotename provider eth0 ipparam ppp0 linkname ppp0 call provider noauth show-password dryrun

Plugin pppoe.so loaded.

PPPoE Plugin Initialized

pppd options in effect:

debug           # (from command line)

holdoff 6               # (from command line)

persist         # (from command line)

linkname ppp0           # (from command line)

dryrun          # (from command line)

plugin pppoe.so         # (from /etc/ppp/options)

noauth          # (from command line)

user username@provider          # (from command line)

remotename provider                # (from command line)

eth0            # (from command line)

eth0            # (from command line)

 0              # (from command line)

mru 1480                # (from command line)

mtu 1480                # (from command line)

show-password           # (from command line)

ipparam ppp0            # (from command line)

```

----------

## d0lby

omg, feel the burn...

It's connected...

The thing is, this girl at the 'provider' was supposed to 'activate' my account or flash the modem or whatever 2 days ago. Since then I've been struggling to get it to work.

I thought - wtf, may as well try using the stupid windows software that came with it under xp on my mums machine.

It turns out, she didn't f@#$#$g do her job properly. It took me about 3 minutes to 'activate' it or whatever, and hey presto. It connected. Tried net.ppp0 start again and hey presto, no more bad password.

Turns out I wasen't insane afterall.... 

 :Shocked: 

----------

