DragonFly On-Line Manual Pages
opiepasswd - Change or set a user's password for the
OPIE authentication system.
opiepasswd [-v] [-h] [-c|-d] [-f]
[-n initial_sequence_number ] [-s seed ] [ user_name
opiepasswd will initialize the system information to
allow one to use OPIE to login. opiepasswd is down-
ward compatible with the keyinit(1) program from the
Bellcore S/Key Version 1 distribution.
-v Display the version number and compile-
time options, then exit.
-h Display a brief help message and exit.
-c Set console mode where the user is
expected to have secure access to the
system. In console mode, you will be
asked to input your password directly
instead of having to use an OPIE calcu-
lator. If you do not have secure access
to the system (i.e., you are not on the
system's console), you are volunteering
your password to attackers by using
-d Disable OTP logins to the specified
-f Force opiepasswd to continue, even
where it normally shouldn't. This is
currently used to force opiepasswd to
operate in "console" mode even from
terminals it believes to be insecure.
It can also allow users to disclose
their secret pass phrases to attackers.
Use of the -f flag may be disabled by
compile-time option in your particular
build of OPIE.
-n Manually specify the initial sequence
number. The default is 499.
-s Specify a non-random seed. The default
is to generate a "random" seed using
the first two characters of the host
name and five pseudo-random digits.
Using opiepasswd from the console:
wintermute$ opiepasswd -c
Reminder - Only use this method from the con-
sole; NEVER from remote. If you
are using telnet, xterm, or a dial-in, type ^C
now or exit with no password.
Then run opiepasswd without the -c parameter.
Using MD5 to compute responses.
Enter old secret pass phrase:
Enter new secret pass phrase:
Again new secret pass phrase:
ID kebe OPIE key is 499 be93564
CITE JAN GORY BELA GET ABED
Using opiepasswd from remote:
Reminder: You need the response from your OPIE
Old secret password:
otp-md5 482 wi93563
Response: FIRM BERN THEE DUCK MANN
New secret password:
otp-md5 499 wi93564
Response: SKY FAN BUG HUFF GUS BEAT
ID kebe OPIE key is 499 wi93564
SKY FAN BUG HUFF GUS BEAT
/etc/opiekeys -- database of key information
for the OPIE system.
ftpd(8), login(1), passwd(1), opie(4),
opiekey(1), opieinfo(1), su(1), opiekeys(5),
Bellcore's S/Key was written by Phil Karn,
Neil M. Haller, and John S. Walden of Bell-
core. OPIE was created at NRL by Randall
Atkinson, Dan McDonald, and Craig Metz.
S/Key is a trademark of Bell Communications
OPIE is discussed on the Bellcore "S/Key
Users" mailing list. To join, send an email
7th Edition January 10, 1995 OPIEPASSWD(1)