PAP and CHAP question

totts

Can anyone clear this up for me please.

During Password Authentication for PAP, is the username and password physically typed in by the user or is it something that is happening on a protocol level?

During CHAPs 3-way handshake, a challenge packet consisting of: an ID, a random number and either the name of the local host perfoming the authentication or a username on the remote host is sent.

Again, is this something that is actually physically typed in by the user and if so, is the random number generated by one of those 'secure ID' number generators... http://www.rsa.com/node.aspx?id=1215

blackmage439

Generally, the two routers (one at each end of the communication) negotiate PAP and CHAP authentication. Yes, you manually enter the username and password into the router's configuration. However, after that, the process is automatic each time you establish a connection.

Same thing goes for CHAP. The random number is chosen by the router, then sent usually by MD5 encryption if I remember correctly; there's no fancy key chain encryption or anything.

totts

blackmage439 wrote:

Generally, the two routers (one at each end of the communication) negotiate PAP and CHAP authentication. Yes, you manually enter the username and password into the router's configuration. However, after that, the process is automatic each time you establish a connection.

Same thing goes for CHAP. The random number is chosen by the router, then sent usually by MD5 encryption if I remember correctly; there's no fancy key chain encryption or anything.

Thanks for that, it'll stick in my mind now that I know how it works, Cheers!