Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages


home | help
KEYINIT(1)		  BSD General Commands Manual		    KEYINIT(1)

     keyinit --	change password	or add user to S/Key authentication system

     keyinit [-s] [userID]

     Keyinit initializes the system so you can use S/Key one-time passwords to
     login.  The program will ask you to enter a secret	pass phrase; enter a
     phrase of several words in	response.  After the S/Key database has	been
     updated you can login using either	your regular UNIX password or using
     S/Key one-time passwords.

     When logging in from another machine you can avoid	typing a real password
     over the network, by typing your S/Key pass phrase	to the key command on
     the local machine:	 the program will respond with the one-time password
     that you should use to log	into the remote	machine.  This is most conve-
     niently done with cut-and-paste operations	using a	mouse.	Alternatively,
     you can pre-compute one-time passwords using the key command and carry
     them with you on a	piece of paper.

     Keyinit requires you to type your secret password,	so it should be	used
     only on a secure terminal.	 For example, on the console of	a workstation.
     If	you are	using keyinit while logged in over an untrusted	network, fol-
     low the instructions given	below with the -s option.

     -s	     Set secure	mode where the user is expected	to have	used a secure
	     machine to	generate the first one time password.  Without the -s
	     the system	will assume you	are direct connected over secure com-
	     munications and prompt you	for your secret	password.  The -s op-
	     tion also allows one to set the seed and count for	complete con-
	     trol of the parameters.  You can use keyinit -s in	combination
	     with the key command to set the seed and count if you do not like
	     the defaults.  To do this run keyinit in one window and put in
	     your count	and seed then run key in another window	to generate
	     the correct 6 English words for that count	and seed.  You can
	     then "cut"	and "paste" them or copy them into the keyinit window.

     userID  The ID for	the user to be changed/added

     /etc/skeykeys data	base of	information for	S/Key system.

     key(1), keyinfo(1), skey(1), su(1)

     Command by	Phil Karn,
     Neil M. Haller,
     John S. Walden

BSD				 July 20, 1993				   BSD


Want to link to this manual page? Use this URL:

home | help