From owner-freebsd-security Fri Sep 15 16:59: 9 2000 Delivered-To: freebsd-security@freebsd.org Received: from alpha.simphost.com (alpha.simphost.com [216.253.163.10]) by hub.freebsd.org (Postfix) with ESMTP id 1E8EB37B424; Fri, 15 Sep 2000 16:59:02 -0700 (PDT) Received: by alpha.simphost.com (Postfix, from userid 1000) id D24D343D0B; Fri, 15 Sep 2000 11:02:42 -0600 (MDT) Received: from localhost (localhost [127.0.0.1]) by alpha.simphost.com (Postfix) with ESMTP id CC8553E006; Fri, 15 Sep 2000 11:02:42 -0600 (MDT) Date: Fri, 15 Sep 2000 11:02:42 -0600 (MDT) From: "Jason L. Schwab" To: freebsd-questions@freebsd.org, freebsd-security@freebsd.org Subject: S/Key (FBSD-3.5-S) Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hey ;) I am trying to get S/Key system to work on my FreeBSD 3.5-STABLE machine. I read the manpages for keyinit, sky, key, etc. - and I read the skey.html file on www.freebsd.org., so I have RTFM... I run "keyinit", asks for a new pass phrase, I give it one twice, it generates the key and gives me the ky # and etc. just fine. I telnet to the machine, type in my username it says s/key () ()... and I hit enter to make sure I am typing it tight, and which I am and verified 10 times. No matter what, I get Login Incorrect. I noitced on OpenBSD Systems, (2.6) That you had to run "skey on username" before that user could use skey, even tho I already get the s/key request at the login prompt. Any ideas would be greatful, Thanks! Also, Is there a way in FreeBSD 3.5-S, to make an account only accesable from certain IP Blocks? (or hostnames)? thanks again! - Jason L. Schwab CEO / Unix System Administrator Simple Hosting Solutions www.simphost.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message