From: Mark (judas_iskarioweb.de)
Date: Sun Nov 02 2003 - 20:09:41 CST

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

The 1st thing: I never used skey before but let's start... :o)

"Using S/Key with telnet(1), ssh(1), and rlogin(1)
Using S/Key with telnet(1), ssh(1), or rlogin(1) is done in pretty much the
same fashion as with ftp--you simply tack ":skey" to the end of your
username. Example:"
The example is from http://www.openbsd.org/faq/faq8.html#SKey

My question:
Is it possible to allow ONLY S/Key-Logins?
The FTP-LogIN-Example was logical but after reading the example for telnet
I'm not so sure.
What's happen if the user forgot :skey ?
Will the login denied?
And what's happen if the user forgot :skey but sends the correct
session-key?
Did he've to take the next key for a login or will nothings happen with the
keylist (But if nothing happens I could sniff the actual key (example
telnet) or?)?

I wanna use skey with ssh for a friend.
And I remember that we're all humans and we all make misstaks and so I wanna
know what's happen if he (example) forgot the :skey or something else.

The 2nd short question: The my friend (normal user) can create the list
himself or (couse /etc/skey/)?
Will skey warn him if there only 2 "passwords" on the list (98 of 100) so
that he've to generate a new list?

And the 3rd short question:
After the short start-up with skeyinit there's a message on the screen like
this one:
"Next login password: HAUL BUS JAKE DING HOT HOG"
If I login next time with this password how will I get the new skey for the
next login?
Or is it possible to generate a list of passwords for a printout?

mfg. Mark

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]