5.\" Reserved. The Inner Net License Version 2 applies to these portions of 6.\" the software. 7.\" You should have received a copy of the license with this software. If 8.\" you didn't get a copy, you may request one from <license@inner.net>. 9.\" 10.\" Portions of this software are Copyright 1995 by Randall Atkinson and Dan 11.\" McDonald, All Rights Reserved. All Rights under this copyright are assigned 12.\" to the U.S. Naval Research Laboratory (NRL). The NRL Copyright Notice and 13.\" License Agreement applies to this software. 14.\" 15.\" History: 16.\" 17.\" Modified by cmetz for OPIE 2.3. Added -f flag documentation. 18.\" Updated console example. 19.\" Modified by cmetz for OPIE 2.2. Removed MJR DES documentation. 20.\" Modified at NRL for OPIE 2.0. 21.\" Written at Bellcore for the S/Key Version 1 software distribution 22.\" (keyinit.1). 23.\" 24.ll 6i 25.pl 10.5i 26.lt 6.0i 27.TH OPIEPASSWD 1 "January 10, 1995" 28.AT 3 29.SH NAME 30opiepasswd \- Change or set a user's password for the OPIE authentication 31system. 32 33.SH SYNOPSIS 34.B opiepasswd 35[\-v] [\-h] [\-c|\-d] [\-f] 36.sp 0 37[\-n 38.I inital_sequence_number 39] 40[\-s 41.I seed 42] [ 43.I user_name 44] 45 46.SH DESCRIPTION 47.I opiepasswd 48will initialize the system information to allow one to use OPIE to login. 49.I opiepasswd 50is downward compatible with the keyinit(1) program from the 51Bellcore S/Key Version 1 distribution. 52 53.SH OPTIONS 54.TP 55.TP 56.B \-v 57Display the version number and compile-time options, then exit. 58.TP 59.B \-h 60Display a brief help message and exit. 61.TP 62.B \-c 63Set console mode where the user is expected to have secure access to the 64system. In console mode, you will be asked to input your password directly 65instead of having to use an OPIE calculator. If you do not have secure access 66to the system (i.e., you are not on the system's console), you are 67volunteering your password to attackers by using this mode. 68.TP 69.B \-d 70Disable OTP logins to the specified account. 71.TP 72.B \-f 73Force 74.I opiepasswd 75to continue, even where it normally shouldn't. This is currently used to 76force opiepasswd to operate in "console" mode even from terminals it believes 77to be insecure. It can also allow users to disclose their secret pass phrases 78to attackers. Use of the -f flag may be disabled by compile-time option in 79your particular build of OPIE. 80.TP 81.B \-n 82Manually specify the initial sequence number. The default is 499. 83.TP 84.B \-s 85Specify a non-random seed. The default is to generate a "random" seed using 86the first two characters of the host name and five pseudo-random digits. 87.SH EXAMPLE 88Using 89.I opiepasswd 90from the console: 91.LP 92.sp 0 93wintermute$ opiepasswd \-c 94.sp 0 95Updating kebe: 96.sp 0 97Reminder \- Only use this method from the console; NEVER from remote. If you 98.sp 0 99are using telnet, xterm, or a dial\-in, type ^C now or exit with no password. 100.sp 0 101Then run opiepasswd without the \-c parameter. 102.sp 0 103Using MD5 to compute responses. 104.sp 0 105Enter old secret pass phrase: 106.sp 0 107Enter new secret pass phrase: 108.sp 0 109Again new secret pass phrase: 110.sp 0 111 112.sp 0 113ID kebe OPIE key is 499 be93564 114.sp 0 115CITE JAN GORY BELA GET ABED 116.sp 0 117wintermute$ 118.LP 119Using 120.I opiepasswd 121from remote: 122.LP 123.sp 0 124wintermute$ opiepasswd 125.sp 0 126Updating kebe: 127.sp 0 128Reminder: You need the response from your OPIE calculator. 129.sp 0 130Old secret password: 131.sp 0 132 otp-md5 482 wi93563 133.sp 0 134 Response: FIRM BERN THEE DUCK MANN AWAY 135.sp 0 136New secret password: 137.sp 0 138 otp-md5 499 wi93564 139.sp 0 140 Response: SKY FAN BUG HUFF GUS BEAT 141.sp 0 142 143.sp 0 144ID kebe OPIE key is 499 wi93564 145.sp 0 146SKY FAN BUG HUFF GUS BEAT 147.sp 0 148wintermute$ 149.LP 150.SH FILES 151.TP 152/etc/opiekeys -- database of key information for the OPIE system. 153 154.SH SEE ALSO 155.BR ftpd (8), 156.BR login (1), 157.BR passwd (1), 158.BR opie (4), 159.BR opiekey (1), 160.BR opieinfo (1), 161.BR su (1), 162.BR opiekeys (5), 163.BR opieaccess (5) 164 165.SH AUTHOR 166Bellcore's S/Key was written by Phil Karn, Neil M. Haller, and John S. Walden 167of Bellcore. OPIE was created at NRL by Randall Atkinson, Dan McDonald, and 168Craig Metz. 169 170S/Key is a trademark of Bell Communications Research (Bellcore). 171 172.SH CONTACT 173OPIE is discussed on the Bellcore "S/Key Users" mailing list. To join, 174send an email request to: 175.sp 176skey-users-request@thumper.bellcore.com
|