
Some Refinements

Here are some things you can do to improve your basic PPP setup, or just to change things for the hell of it.

 

Connecting as a non-root user

Although the previous section assumed you had become root before trying to connect, it is possible to change a few file permissions and allow any user to connect.

To allow any user to connect using the pppd call ozemail command:

Warning! If there are children in your house who have accounts on your computer, the above will allow them to dial in, which may not be what you want.
The solution is to have a ppp group. (My Red Hat system's standard configuration has a pppusers group.)
Some books recommend setting up a special ppp account with an asterisk in the password field of its /etc/passwd entry. This stops people calling your system and exploiting file permission weaknesses etc. To do this, create a user called "ppp" who belongs to a ppp group. On my system the passwd file entry is
ppp:*:501:230:account for dial in:/tmp:/bin/bash
and the group file entry is
pppusers:x:230:
Check the permissions of ozemail-chat and peers/ozemail as described above, then... Now a normal user will not be able to run pppd (unless you add him to the pppusers group). However, you can become root, then su ppp and execute the pppd call ozemail command.

 

ppp-on and ppp-off scripts

Systems can be set up with ppp-on and ppp-off scripts.
They are referenced by the connect and disconnect lines in /etc/ppp/peers/ozemail. The minimal setup described previously contained the line
connect 'chat -v -f /etc/ppp/ozemail-chat'
It is possible to replace this line with
connect  /etc/ppp/scripts/ppp-on
and create the following /etc/ppp/scripts/ppp-on file:


#!/bin/sh
/usr/sbin/chat -v -f /etc/ppp/ozemail-chat

You may need to create the scripts directory if it doesn't exist, or simply put the ppp-on script in /etc/ppp and change the line in /etc/ppp/peers/ozemail to read

connect  /etc/ppp/ppp-on
You also need to ensure that ppp-on is executable:
  chmod 755 ppp-on

This is all very nice, and makes no difference to your ppp connection! Whether or not you decide to use a ppp-on script, a ppp-off script can improve the way you terminate a ppp connection. Add the following line to /etc/ppp/peers/ozemail just below the connect line:

disconnect /etc/ppp/scripts/ppp-off
As before, it is up to you whether you put the ppp-off script in a scripts subdirectory or directly in /etc/ppp.
The man page for pppd states that the script specified by the disconnect option is run after pppd has terminated the link. This means that this script will automatically be run after you use the killall pppd command. Another option is to terminate the connection by typing /etc/ppp/scripts/ppp-off yourself.

Since ppp-off is a standard script it is probably already on your system somewhere. Here it is:




#!/bin/sh

DEVICE=ppp0

# If the ppp0 pid file is present then the program is running. Stop it.
if [ -r /var/run/$DEVICE.pid ]; then
        kill -INT `cat /var/run/$DEVICE.pid`
#
# If the kill did not work then there is no process running for this
# pid. It may also mean that the lock file will be left. You may wish
# to delete the lock file at the same time.
        if [ ! "$?" = "0" ]; then
                rm -f /var/run/$DEVICE.pid
                echo "ERROR: Removed stale pid file"
                exit 1
        fi
#
# Success. Let pppd clean up its own junk.
        echo "PPP link to $DEVICE terminated."
        exit 0
fi
#
# The ppp process is not running for ppp0
echo "ERROR: PPP link is not active on $DEVICE"
exit 1

Remember to make both ppp-on and ppp-off executable.
  chmod 755 ppp-o*
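
The ppp-off script above sends SIGINT to whatever number it finds in /var/run/ppp0.pid, and it is often run as root. The following is an added example, not part of the standard script: it checks that the pid file holds a plain number belonging to a live pppd before anything is signalled. It assumes Linux /proc, and the names pppd_pid_check and ppp_off_checked are made up here.

```shell
#!/bin/sh
# Added example, not the standard ppp-off script. Assumes Linux /proc.
# The function names and return codes are made up for this illustration.

# pppd_pid_check PIDFILE [NAME]
#   0  pid file names a live process called NAME (default: pppd)
#   1  pid file missing or unreadable
#   2  first line is not a plain decimal pid
#   3  no such process (stale pid file)
#   4  pid belongs to a different program (pid has been reused)
# On return, $pid holds the first line of the pid file.
pppd_pid_check() {
    pidfile=$1
    want=${2:-pppd}
    pid=
    [ -r "$pidfile" ] || return 1
    # Take only the first line; tolerate a missing trailing newline.
    IFS= read -r pid < "$pidfile" || [ -n "$pid" ] || return 2
    # Digits only: kill gives "-1" and other negative numbers a special meaning.
    case $pid in
        ''|*[!0-9]*) return 2 ;;
    esac
    [ -d "/proc/$pid" ] || return 3
    # The process may exit between the two checks; treat that as stale too.
    IFS= read -r comm 2>/dev/null < "/proc/$pid/comm" || return 3
    [ "$comm" = "$want" ] || return 4
    return 0
}

# ppp_off_checked [DEVICE] [RUNDIR]: same outcomes as ppp-off, check first.
ppp_off_checked() {
    device=${1:-ppp0}
    pidfile=${2:-/var/run}/$device.pid
    rc=0
    pppd_pid_check "$pidfile" pppd || rc=$?
    case $rc in
        0) kill -INT "$pid" || return 1
           echo "PPP link to $device terminated." ;;
        1) echo "ERROR: PPP link is not active on $device"; return 1 ;;
        3) rm -f "$pidfile"
           echo "ERROR: Removed stale pid file"; return 1 ;;
        *) echo "ERROR: $pidfile does not name a pppd process; nothing signalled"
           return 1 ;;
    esac
}
```

To use it as the disconnect script, end the file with a call such as ppp_off_checked ppp0.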


Useful Programs

Once you have a working PPP setup, there are a couple of other programs which could be useful. Both need to be installed on your computer at home and on a Unix host at work.

Secure shell or Open Secure shell
This transparently encrypts your entire session so that when you log in to the computer at work your plain text password is not sent down the phone lines.

Rsync
This is like a remote copy command, except it only copies the differences between the files on the local and remote systems. If you have a 5 Mbyte file on both computers, and the file at work has (say) 1 Kbyte worth of differences from the file at home, you'll save a ton of time using rsync rather than rcp. The file you end up with is the same as if you had used rcp. Rsync works for binaries, text files, directories etc.

