1994-10-19 00:03:45 +00:00
|
|
|
.ll 6i
|
|
|
|
.pl 10.5i
|
|
|
|
.\" @(#)skey.1 1.1 10/28/93
|
1999-08-28 00:22:10 +00:00
|
|
|
.\" $FreeBSD$
|
1994-10-19 00:03:45 +00:00
|
|
|
.\"
|
|
|
|
.lt 6.0i
|
|
|
|
.TH KEY 1 "28 October 1993"
|
|
|
|
.AT 3
|
|
|
|
.SH NAME
|
|
|
|
S/key \- A procedure to use one time passwords for accessing computer systems.
|
|
|
|
.SH DESCRIPTION
|
|
|
|
.I S/key
|
|
|
|
is a procedure for using one time password to authenticate access to
|
|
|
|
computer systems. It uses 64 bits of information transformed by the
|
|
|
|
MD4 algorithm. The user supplies the 64 bits in the form of 6 English
|
|
|
|
words that are generated by a secure computer.
|
|
|
|
Example use of the S/key program
|
|
|
|
.I key
|
|
|
|
.sp
|
|
|
|
Usage example:
|
|
|
|
.sp 0
|
|
|
|
>key 99 th91334
|
|
|
|
.sp 0
|
|
|
|
Enter password: <your secret password is entered here>
|
|
|
|
.sp 0
|
|
|
|
OMEN US HORN OMIT BACK AHOY
|
|
|
|
.sp 0
|
|
|
|
>
|
|
|
|
.sp
|
|
|
|
The programs that are part of the S/Key system are keyinit, key, and
|
|
|
|
keyinfo. Keyinit is used to get your ID set up, key is
|
|
|
|
used to get the one time password each time,
|
|
|
|
keyinfo is used to extract information from the S/Key database.
|
|
|
|
.sp
|
|
|
|
When you run "keyinit" you inform the system of your
|
|
|
|
secret password. Running "key" then generates the
|
|
|
|
one-time passwords, and also requires your secret
|
|
|
|
password. If however, you misspell your password
|
|
|
|
while running "key", you will get a list of passwords
|
|
|
|
that will not work, and no indication about the problem.
|
|
|
|
.sp
|
|
|
|
Password sequence numbers count backward from 99. If you
|
|
|
|
don't know this, the syntax for "key" will be confusing.
|
|
|
|
.sp
|
|
|
|
You can enter the passwords using small letters, even
|
|
|
|
though the "key" program gives them in caps.
|
|
|
|
.sp
|
|
|
|
Macintosh and a general purpose PC use
|
|
|
|
are available.
|
|
|
|
.sp
|
|
|
|
Under FreeBSD, you can control, with /etc/skey.access, from which
|
|
|
|
hosts and/or networks the use of S/Key passwords is obligated.
|
|
|
|
.LP
|
|
|
|
.SH SEE ALSO
|
|
|
|
.BR keyinit(1),
|
|
|
|
.BR key(1),
|
|
|
|
.BR keyinfo(1)
|
|
|
|
.BR skey.access(5)
|
|
|
|
.SH AUTHOR
|
|
|
|
Phil Karn, Neil M. Haller, John S. Walden, Scott Chasin
|