Skip site navigation (1)Skip section navigation (2)

FreeBSD Man Pages

Man Page or Keyword Search:
Man Architecture
Apropos Keyword Search (all sections) Output format
home | help
KEYINIT(1)              FreeBSD General Commands Manual             KEYINIT(1)

     keyinit - change password or add user to S/Key authentication system

     keyinit [-s] [userID]

     Keyinit initializes the system so you can use S/Key one-time passwords to
     login.  The program will ask you to enter a secret pass phrase; enter a
     phrase of several words in response.  After the S/Key database has been
     updated you can login using either your regular UNIX password or using
     S/Key one-time passwords.

     When logging in from another machine you can avoid typing a real password
     over the network, by typing your S/Key pass phrase to the key command on
     the local machine:  the program will respond with the one-time password
     that you should use to log into the remote machine.  This is most
     conveniently done with cut-and-paste operations using a mouse.
     Alternatively, you can pre-compute one-time passwords using the key
     command and carry them with you on a piece of paper.

     Keyinit requires you to type your secret password, so it should be used
     only on a secure terminal.  For example, on the console of a workstation.
     If you are using keyinit while logged in over an untrusted network,
     follow the instructions given below with the -s option.

     -s      Set secure mode where the user is expected to have used a secure
             machine to generate the first one time password.  Without the -s
             the system will assume you are direct connected over secure
             communications and prompt you for your secret password.  The -s
             option also allows one to set the seed and count for complete
             control of the parameters.  You can use keyinit -s in combination
             with the key command to set the seed and count if you do not like
             the defaults.  To do this run keyinit in one window and put in
             your count and seed then run key in another window to generate
             the correct 6 English words for that count and seed.  You can
             then "cut" and "paste" them or copy them into the keyinit window.

     userID  The ID for the user to be changed/added

     /etc/skeykeys data base of information for S/Key system.

     key(1), keyinfo(1), skey(1), su(1)

     Command by Phil Karn,
     Neil M. Haller,
     John S. Walden

FreeBSD 11.0-PRERELEASE          July 20, 1993         FreeBSD 11.0-PRERELEASE


Want to link to this manual page? Use this URL:

home | help