SKEYINIT(1) General Commands Manual SKEYINIT(1)

NAME

skeyinitchange password or add user to S/Key authentication system

SYNOPSIS

skeyinit [-sxz] [-k passphrase] [-n count] [-p password] [-t hash] [user]

DESCRIPTION

skeyinit initializes the system so you can use S/Key one-time passwords to login. The program will ask you to enter a secret pass phrase; enter a phrase of several words in response. After the S/Key database has been updated you can login using either your regular password or using S/Key one-time passwords.

skeyinit requires you to type a secret password, so it should be used only on a secure terminal.

OPTIONS

-k passphrase
Use pass phrase passphrase instead of asking for one to be entered.
-n count
Start the skey(1) sequence at count (default is 100).
-p password
Use password password instead of asking for one to be entered.
-s
allows the user to set the seed and count for complete control of the parameters. To do this run skeyinit in one window and put in your count and seed; then run skey(1) in another window to generate the correct 6 english words for that count and seed. You can then “cut-and-paste” or type the words into the skeyinit window.
-t hash
Selects the hash algorithm to use. Available choices are md4 (the default), md5, or sha1.
-x
Displays one-time password in hexadecimal instead of ASCII.
-z
Allows the user to zero their S/Key entry.
user
The username to be changed/added. By default the current user is operated on, only root may change other user's entries.

FILES

/etc/skeykeys
database of information for the S/Key system.

SEE ALSO

skey(1), skeyaudit(1), skeyinfo(1)

AUTHORS

Phil Karn Neil M. Haller John S. Walden Scott Chasin
September 19, 2005 NetBSD 6.1