Re: PPTP after removing of userland ppp(8)

2014-03-21 Thread Stefan Sperling
On Thu, Mar 20, 2014 at 11:57:57AM -0700, patrick keshishian wrote:
 On 3/20/14, Stefan Sperling s...@openbsd.org wrote:
 [...]
  And, as goes without saying, if possible, please consider using a different
  protocol. PPTP's weaknesses have been well understood for a long time now.
  Much better alternatives are available in the base system and the ports
  tree.
 
 The statement "much better alternatives are available" suggests
 the user has a choice in picking these alternatives. This isn't the
 case some of the time.

Sure, that's why I said "if possible".

And where it's not easily possible, perhaps users can try to get
the other end to fix the problem. I don't mind putting pressure
on people to drop PPTP, and I don't even mind putting pressure
on people who will then need to put pressure on others to drop it.

pptp client users can stay with 5.4 or the (not even officially released
yet) 5.5 release for now, both of which ship net/pptp in a working state.
If you don't run -current you still have pptp support until 5.7 comes
around and support for 5.5 is dropped. That gives pptp users (and
developers) time until May 2015.

And the plan seems to be that lack of pptp client support is temporary.
Who knows, perhaps npppd pptp client support will be added in time for 5.6.
In which case there won't even be a single release without PPTP client support.
Perhaps consider sending npppd developers a crate of beer if you care a
lot about this.

And if a pptp client doesn't ever come back I don't see how OpenBSD is
responsible for breaking setups that still rely on PPTP in this day and age.
In this case you'll have to run something else for PPTP. Sorry.



Re: PPTP after removing of userland ppp(8)

2014-03-20 Thread Атанас Владимиров
2014-03-20 1:15 GMT+02:00 Stefan Sperling s...@openbsd.org:


 ppp(8) used net/pptp as a pseudo-device via pipes to a pptp process.

 With pppd(8) I don't think there is support for using a pipe to
 a separate process as a device. Perhaps there is another way
 to make pptp work with pppd. I don't know.



 npppd supports PPTP but I believe it's currently server-side only.
 One possible path forward would be PPTP-client support in npppd.
 I don't know if there are any plans for this and I don't have any
 such plans myself.

 Yes, it's only server-side


 Even though I'm still listed as maintainer of net/pptp I haven't used
 it in a long time. If net/pptp goes away I won't miss it.


From FAQ:

PPTP
 The Point to Point Tunneling Protocol (PPTP) is a proprietary Microsoft
 protocol. A pptp client is available which interfaces with
 pppd(8) <http://www.openbsd.org/cgi-bin/man.cgi?query=pppd&sektion=8> and
 is capable of connecting to the PPTP-based Virtual Private Networks (VPN)
 used by some cable and xDSL providers. pptp itself must be installed from
 packages <http://www.openbsd.org/faq/faq15.html#PkgMgmt> or
 ports <http://www.openbsd.org/faq/faq15.html#Ports>.
 Further instructions on setting up and using pptp are available in the man
 page which is installed with the pptp package.

Is the following patch correct:
--- faq6.html   Mon Dec  2 09:06:04 2013
+++ faq6.html.new   Thu Mar 20 10:35:38 2014
@@ -982,7 +982,7 @@
 The Point to Point Tunneling Protocol (PPTP) is a proprietary Microsoft
 protocol.
 A pptp client is available which interfaces with
-a href=http://www.openbsd.org/cgi-bin/man.cgi?query=pppdamp;sektion=8
pppd(8)/a
+a href=
http://www.openbsd.org/cgi-bin/man.cgi?query=pppamp;sektion=8amp;manpath=OpenBSD+5.4
ppp(8)/a
 and is capable of connecting to the PPTP-based Virtual Private Networks
(VPN)
 used by some cable and xDSL providers.
 pptp itself must be installed from a
href=faq15.html#PkgMgmtpackages/a
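
Review bot: the replacement link in the + lines pins ppp(8) to manpath=OpenBSD+5.4, but the unchanged context line "A pptp client is available which interfaces with" still reads as a statement about the current system, so the only hint that this applies to 5.4 is buried in the URL. Suggest naming the release in the visible text as well, for example "interfaces with ppp(8) as shipped in OpenBSD 5.4", or rewording the paragraph so it does not promise a working pptp client where that ppp(8) is not available.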



Re: PPTP after removing of userland ppp(8)

2014-03-20 Thread Stefan Sperling
On Thu, Mar 20, 2014 at 10:38:06AM +0200, Атанас Владимиров wrote:
 Is the following patch correct:

  A pptp client is available which interfaces with
 -a href=http://www.openbsd.org/cgi-bin/man.cgi?query=pppdamp;sektion=8
 pppd(8)/a
 +a href=
 http://www.openbsd.org/cgi-bin/man.cgi?query=pppamp;sektion=8amp;manpath=OpenBSD+5.4
 ppp(8)/a

So people were confused about which PPP implementation can interface
with net/pptp? I'm not surprised.

I intend to remove the net/pptp port altogether unless someone can
provide a working configuration using pppd(8).
There are plans to add a PPTP client to npppd/pipex. So the lack
of PPTP client support will hopefully be a temporary situation.

And, as goes without saying, if possible, please consider using a different
protocol. PPTP's weaknesses have been well understood for a long time now.
Much better alternatives are available in the base system and the ports tree.



Re: PPTP after removing of userland ppp(8)

2014-03-20 Thread patrick keshishian
On 3/20/14, Stefan Sperling s...@openbsd.org wrote:
[...]
 And, as goes without saying, if possible, please consider using a different
 protocol. PPTP's weaknesses have been well understood for a long time now.
 Much better alternatives are available in the base system and the ports
 tree.

The statement "much better alternatives are available" suggests
the user has a choice in picking these alternatives. This isn't the
case some of the time.

In my case, in the recent past, I was either to use PPTP or some
other proprietary solution in order to connect to my employer's
network. The proprietary solution would require lugging around
a Windows or Mac laptop, which made PPTP the much better
alternative, allowing work in my preferred environment.

--patrick



Re: PPTP after removing of userland ppp(8)

2014-03-20 Thread Theo de Raadt
 On 3/20/14, Stefan Sperling s...@openbsd.org wrote:
 [...]
  And, as goes without saying, if possible, please consider using a different
  protocol. PPTP's weaknesses have been well understood for a long time now.
  Much better alternatives are available in the base system and the ports
  tree.
 
 The statement "much better alternatives are available" suggests
 the user has a choice in picking these alternatives. This isn't the
 case some of the time.
 
 In my case, in the recent past, I was either to use PPTP or some
 other proprietary solution in order to connect to my employer's
 network. The proprietary solution would require lugging around
 a Windows or Mac laptop, which made PPTP the much better
 alternative, allowing work in my preferred environment.

You'd be safer using Windows than the code which was just deleted.



Re: PPTP after removing of userland ppp(8)

2014-03-20 Thread Stuart Henderson
On 2014-03-20, patrick keshishian pkesh...@gmail.com wrote:
 On 3/20/14, Stefan Sperling s...@openbsd.org wrote:
 [...]
 And, as goes without saying, if possible, please consider using a different
 protocol. PPTP's weaknesses have been well understood for a long time now.
 Much better alternatives are available in the base system and the ports
 tree.

 The statement "much better alternatives are available" suggests
 the user has a choice in picking these alternatives. This isn't the
 case some of the time.

 In my case, in the recent past, I was either to use PPTP or some
 other proprietary solution in order to connect to my employer's
 network. The proprietary solution would require lugging around
 a Windows or Mac laptop, which made PPTP the much better
 alternative, allowing work in my preferred environment.

Which particular proprietary solution? If by any chance it's Cisco
anyconnect, see ports/net/openconnect...



Re: PPTP after removing of userland ppp(8)

2014-03-20 Thread patrick keshishian
On 3/20/14, Stuart Henderson s...@spacehopper.org wrote:
 On 2014-03-20, patrick keshishian pkesh...@gmail.com wrote:
 On 3/20/14, Stefan Sperling s...@openbsd.org wrote:
 [...]
 And, as goes without saying, if possible, please consider using a
 different
 protocol. PPTP's weaknesses have been well understood for a long time
 now.
 Much better alternatives are available in the base system and the ports
 tree.

 The statement "much better alternatives are available" suggests
 the user has a choice in picking these alternatives. This isn't the
 case some of the time.

 In my case, in the recent past, I was either to use PPTP or some
 other proprietary solution in order to connect to my employer's
 network. The proprietary solution would require lugging around
 a Windows or Mac laptop, which made PPTP the much better
 alternative, allowing work in my preferred environment.

 Which particular proprietary solution? If by any chance it's Cisco
 anyconnect, see ports/net/openconnect...

Don't recall. Maybe Juniper something?

--patrick



PPTP after removing of userland ppp(8)

2014-03-19 Thread Атанас Владимиров
Hi,
I was running PPTP client pptp-1.7.2p4 with userland ppp(8). It was a basic
setup from pptp(8) manual page and specifically PPTP on a router example.
What are my alternatives to run PPTP to connect to Microsoft VPN server?
May I use ppp(4) and pppd(8) and if so can you point me to the right
direction.
Thanks for your time.
Atanas



Re: PPTP after removing of userland ppp(8)

2014-03-19 Thread Stefan Sperling
On Thu, Mar 20, 2014 at 12:39:50AM +0200, Атанас Владимиров wrote:
 Hi,
 I was running PPTP client pptp-1.7.2p4 with userland ppp(8). It was a basic
 setup from pptp(8) manual page and specifically PPTP on a router example.
 What are my alternatives to run PPTP to connect to Microsoft VPN server?
 May I use ppp(4) and pppd(8) and if so can you point me to the right
 direction.
 Thanks for your time.
 Atanas

ppp(8) used net/pptp as a pseudo-device via pipes to a pptp process.

With pppd(8) I don't think there is support for using a pipe to
a separate process as a device. Perhaps there is another way
to make pptp work with pppd. I don't know.

npppd supports PPTP but I believe it's currently server-side only.
One possible path forward would be PPTP-client support in npppd.
I don't know if there are any plans for this and I don't have any
such plans myself.

Even though I'm still listed as maintainer of net/pptp I haven't used
it in a long time. If net/pptp goes away I won't miss it.



Re: PPTP after removing of userland ppp(8)

2014-03-19 Thread YASUOKA Masahiko
On Thu, 20 Mar 2014 00:39:50 +0200
Атанас Владимиров don.na...@gmail.com wrote:
 I was running PPTP client pptp-1.7.2p4 with userland ppp(8). It was a basic
 setup from pptp(8) manual page and specifically PPTP on a router example.
 What are my alternatives to run PPTP to connect to Microsoft VPN server?
 May I use ppp(4) and pppd(8) and if so can you point me to the right
 direction.

I think having a good ppp client implementation and an l2tp client in base
is the good direction.  I myself will try to do my best for that
direction.

--yasuoka