NAME

skeyinit — change password or add user to S/Key authentication system

SYNOPSIS

skeyinit

[-sxz] [-k passphrase] [-n count] [-p password] [-t hash] [user]

DESCRIPTION

skeyinit initializes the system so you can use S/Key one-time passwords to login. The program will ask you to enter a secret pass phrase; enter a phrase of several words in response. After the S/Key database has been updated you can login using either your regular password or using S/Key one-time passwords.

skeyinit requires you to type a secret password, so it should be used only on a secure terminal.

OPTIONS

-k passphrase

Use pass phrase passphrase instead of asking for one to be entered.

-n count

Start the skey(1) sequence at count (default is 100).

-p password

Use password password instead of asking for one to be entered.

-s

allows the user to set the seed and count for complete control of the parameters. To do this run skeyinit in one window and put in your count and seed; then run skey(1) in another window to generate the correct 6 english words for that count and seed. You can then “cut-and-paste” or type the words into the skeyinit window.

-t hash

Selects the hash algorithm to use. Available choices are md4 (the default), md5, or sha1.

-x

Displays one-time password in hexadecimal instead of ASCII.

-z

Allows the user to zero their S/Key entry.

user

The username to be changed/added. By default the current user is operated on, only root may change other user's entries.

FILES

/etc/skeykeys

database of information for the S/Key system.

SEE ALSO

skey(1), skeyaudit(1), skeyinfo(1)

AUTHORS

Phil Karn Neil M. Haller John S. Walden Scott Chasin