From owner-freebsd-security  Sat Feb 15 20:29:27 1997
Return-Path: <owner-security>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id UAA11951
          for security-outgoing; Sat, 15 Feb 1997 20:29:27 -0800 (PST)
Received: from narcissus.ml.org (root@brosenga.Pitzer.edu [134.173.120.201])
          by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id UAA11942
          for <security@FreeBSD.ORG>; Sat, 15 Feb 1997 20:29:24 -0800 (PST)
Received: (from ben@localhost) by narcissus.ml.org (8.7.5/8.7.3) id UAA13482; Sat, 15 Feb 1997 20:29:19 -0800 (PST)
Date: Sat, 15 Feb 1997 20:29:19 -0800 (PST)
From: Snob Art Genre <ben@narcissus.ml.org>
To: Richard Wackerbarth <rkw@dataplex.net>
cc: Poul-Henning Kamp <phk@critter.dk.tfs.com>, security@FreeBSD.ORG
Subject: Re: changing password...
In-Reply-To: <l03010d09af2c28477b2a@[208.2.87.3]>
Message-ID: <Pine.BSF.3.91.970215202842.13362B-100000@narcissus.ml.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-security@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

On Sat, 15 Feb 1997, Richard Wackerbarth wrote:

> >In message <m0vvvPU-0008zXC@agora.rdrop.com>, Alan Batie writes:
> >>> Example: to change my my password securely when I had to log in from
> >>>another
> >>> location.
> >>
> >>How did you get logged in in the first place?  Either you're using something
> >>like ssh and it's all secure, or you're logging in in the clear, and you
> >>open it up regardless.
> >
> >... but wanting to close it right now...
> 
> This proposal would allow it.

If you want one-time passwords, this seems sort of clunky.  Why not use 
S-Key or the like?
 
> login: my_name
> passwd: Clear_text_1
> 
> passwd -c $n$Hash_of_Clear_text_2$
> 
> [real work here]
> logoff
> 
> [next time]
> 
> login: my_name
> passwd: Clear_text_2
> 
> passwd -c $n$Hash_of_Clear_text_3$
> 
> [real work here]
> 
> etc.
> 
> 
> 



 Ben

"You have your mind on computers, it seems."