| SKEY(1) | General Commands Manual | SKEY(1) | 
skey —
| skey | [ -ncount]
      [-ppassword]
      [-thash]
      [-x] sequence# [/]
      key | 
S/Key uses 64 bits of information, transformed by the MD4 algorithm into 6 English words. The user supplies the words to authenticate himself to programs like login(1) or ftpd(8).
Example use of the S/Key program
    skey:
% skey 99 th91334 Enter password: <your secret password is entered here> OMEN US HORN OMIT BACK AHOY %
The string that is given back by skey can
    then be used to log into a system.
The programs that are part of the S/Key system are:
skeyWhen you run
    skeyinit(1) you inform the
    system of your secret password. Running skey then
    generates the one-time password(s), after requiring your secret password. If
    however, you misspell your secret password that you have given to
    skeyinit(1) while running
    skey you will get a list of passwords that will not
    work, and no indication about the problem.
Password sequence numbers count backward from 99. You can enter
    the passwords using small letters, even though skey
    prints them capitalized.
The -n count
    argument asks for count password sequences to be
    printed out ending with the requested sequence number.
The hash algorithm is selected using the
    -t hash option, possible
    choices here are md4, md5 or sha1.
The -p password
    allows the user to specify the S/Key password on the
    command line.
To output the S/Key list in hexadecimal instead of words, use the
    -x option.
host% skeyinit Password: <normal login password> [Adding username] Enter secret password: <new secret password> Again secret password: <new secret password again> ID username s/key is 99 host12345 Next login password: SOME SIX WORDS THAT WERE COMPUTED
Produce a list of one time passwords to take with to a conference:
host% skey -n 3 99 host12345 Enter secret password: <secret password as used with skeyinit> 97: NOSE FOOT RUSH FEAR GREY JUST 98: YAWN LEO DEED BIND WACK BRAE 99: SOME SIX WORDS THAT WERE COMPUTED
Logging in to a host where skey is
    installed:
host% telnet host login: <username> Password [s/key 97 host12345]:
Note that the user can use either his/her S/Key
    password at the prompt but also the normal one unless the
    -s flag is given to
    login(1).
RFC 2289
| July 25, 2001 | NetBSD 10.1 |