Using One Time Passwords Under Unix
Department of Mathematics
Introduction
One-time passwords allow you to log in to a machine over an insecure connection without exposing your real password. One-time passwords DO NOT protect data sent or received over the connection. Be careful not to type your real password in, and only use the one-time passwords given to you. These passwords ONLY WORK on the machines they were created on.
Enabling One Time Passwords
1) Go to a machine with opie installed.
2) Type 'opiepasswd'
3) Now you need to calculate a response. To do this, copy the line directly above the 'Response:' prompt into another window. It should look something like this: otp-md5 234 re2300
Then add a -f so it looks like this: otp-md5 -f 234 re2300
4) Now take the response that you got from the calculator, and paste it back into the 'Response:' line.
5) Now you have enabled opie.
Getting a One Time Password list
1) Run 'opieinfo'. This should return your seed and key information.
2) Run 'opiekey -5 -n numofkeys info_returned_by_opieinfo'.
Example
gemini 512 $ opiekey -5 -n 10 499 si5724
Using the MD5 algorithm to compute response.
Reminder: Don't use opiekey from telnet or dial-in sessions.
Enter secret pass phrase:
489: PHI BEEF YAP EASY GIRL HAM
490: EVER GROW YANK COOK JUNO SLY
491: TESS JAB NAME SOME MULL EDDY
492: PAT MASS PEA AUK FAIN ALTO
493: FOOT KATE BAY BURL OW WADE
494: MARY IO HAS NEAL AMY AGO
495: US BELL VIEW BONA GILD DOW
496: POP HOOT NIT CHOW LOON VASE
497: SUB SIRE SIP LYON COL LEON
498: DUTY WET BIN DENY HOG RACY
3) Each line of the list is a password which can only be used once.
Using One Time Passwords
1) Use your favorite telnet program, and telnet to the one time password enabled host that your passwords were created on.
2) Type your username in the login prompt.
3) Now there should be a line above the Password prompt that looks like this: [ otp-md5 498 ge4500 ext ]
4) Find the number after otp-md5 on your password list. This is the password for this session.
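Why each line of the list works only once, shown as an added example (not part of the original page and not OPIE's own code): a simplified model of the RFC 2289 MD5 hash chain behind a challenge such as 'otp-md5 498 ge4500'. The Server class, the pass phrase and the raw 8-byte responses (instead of six words) are assumptions made for illustration.

```python
import hashlib
import hmac

def fold_md5(data: bytes) -> bytes:
    """MD5, then XOR the two 8-byte halves down to 64 bits (RFC 2289)."""
    d = hashlib.md5(data).digest()
    return bytes(a ^ b for a, b in zip(d[:8], d[8:]))

def otp(passphrase: str, seed: str, seq: int) -> bytes:
    """Response for the challenge 'otp-md5 <seq> <seed>'."""
    value = fold_md5((seed.lower() + passphrase).encode())
    for _ in range(seq):          # one more hash per sequence step
        value = fold_md5(value)
    return value

class Server:
    """Hypothetical verifier: stores the last accepted response,
    never the pass phrase itself."""
    def __init__(self, seed: str, seq: int, last: bytes):
        self.seed, self.seq, self.last = seed, seq, last

    def challenge(self) -> str:
        return f"otp-md5 {self.seq - 1} {self.seed}"

    def verify(self, response: bytes) -> bool:
        if self.seq <= 1:         # chain used up: a new one must be set up
            return False
        # Hashing the response once must reproduce the stored value.
        if not hmac.compare_digest(fold_md5(response), self.last):
            return False
        self.last = response      # the chain moves one step down,
        self.seq -= 1             # so this response can never match again
        return True

def demo():
    phrase, seed = "constructed pass phrase", "ge4500"  # constructed values
    srv = Server(seed, 499, otp(phrase, seed, 499))
    before = srv.challenge()
    resp = otp(phrase, seed, 498)     # list entry 498
    first = srv.verify(resp)          # accepted
    replay = srv.verify(resp)         # same entry sent again: rejected
    return before, first, replay, srv.challenge()

if __name__ == "__main__":
    print(demo())
```

Someone who captures a used response on the wire can only hash it forward to values the server has already discarded; producing the next response would mean inverting the hash.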
Disabling One Time Passwords
1) Type 'opiepasswd -d'
by William S. Bear August 11, 1999
Last updated May 27, 2004