SKEY(1) BSD Reference Manual SKEY(1)NAME
skey, otp-md4, otp-md5, otp-rmd160, otp-sha1 - respond to an OTP chal-
lenge
SYNOPSIS
skey [-x] [-md4 | -md5 | -rmd160 | -sha1] [-n count] [-p passphrase]
<sequence#>[/] key
DESCRIPTION
S/Key is a procedure for using one-time passwords to authenticate access
to computer systems. It uses 64 bits of information transformed by the
MD4, MD5, RIPEMD-160, or SHA1 algorithms. The user supplies the 64 bits
in the form of 6 English words that are generated by a secure computer.
This implementation of S/Key is RFC 2289 compliant.
Before using skey the system needs to be initialized using skeyinit(1);
this will establish a secret passphrase. After that, one-time passwords
can be generated using skey, which will prompt for the secret passphrase.
After a one-time password has been used to log in, it can no longer be
used.
When skey is invoked as otp-method, skey will use method as the hash
function where method is currently one of md4, md5, rmd160, or sha1.
If you misspell your secret passphrase while running skey, you will get a
list of one-time passwords that will not work, and no indication of the
problem.
Password sequence numbers count backwards. You can enter the passwords
using small letters, even though skey prints them capitalized.
The options are as follows:
-n count
Prints out count one-time passwords. The default is to print one.
-p passphrase
Uses passphrase as the secret passphrase. Use of this option is
discouraged as your secret passphrase could be visible in a pro-
cess listing.
-md4 | -md5 | -rmd160 | -sha1
Selects the hash algorithm: MD4, MD5, RMD-160 (160-bit Ripe Mes-
sage Digest), or SHA1 (NIST Secure Hash Algorithm Revision 1).
-x Causes output to be in hexadecimal instead of ASCII.
EXAMPLES
$ skey 99 th91334
Reminder - Do not use this program while logged in via telnet.
Enter secret passphrase: <your secret passphrase is entered here>
OMEN US HORN OMIT BACK AHOY
$
SEE ALSOlogin(1), skeyaudit(1), skeyinfo(1), skeyinit(1), skey(5), skeyprune(8)
RFC 2289
TRADEMARKS AND PATENTS
S/Key is a Trademark of Bellcore.
AUTHORS
Phil Karn, Neil M. Haller, John S. Walden, Scott Chasin
MirOS BSD #10-current October 28, 1993 1