Date: Mon, 11 Feb 2002 20:56:19 -0800 From: Ryan Cumming <bodnar42@phalynx.dhs.org> To: freebsd-questions@FreeBSD.ORG Subject: OPIE? Message-ID: <200202112056.19168.bodnar42@phalynx.dhs.org>
next in thread | raw e-mail | index | archive | help
I noticed that when I SSH'ed to my newly upgraded FreeBSD 4.5 server, it seemed pretty persistant on getting some "S/Key" gizmo. So, I found the relevant section of the handbook (http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/skey.html), and tried to get it working. So, I ssh'ed in as a normal user, and ran opiepasswd: "bash-2.04$ opiepasswd Adding userfoo: You need the response from an OTP generator. New secret pass phrase: otp-md5 499 ma6395 Response:" On the box I was ssh'ing in from: "hostfoo:~$ opiekey 499 ma6395 Using the MD5 algorithm to compute response. Reminder: Don't use opiekey from telnet or dial-in sessions. Enter secret pass phrase: MA BUN GEM BOSE JOCK CRAY" Typing in that passphrase on the server yielded: "Error updating key database." Well, fuck. So, I tried running "opiepasswd foouser" as root: "Adding foouser: You need the response from an OTP generator. New secret pass phrase: otp-md5 499 ma9612 Response: BROW LYRA RAKE TOTE HANS APT ID foouser OTP key is 499 ma9612 BROW LYRA RAKE TOTE HANS APT" Yay, did it work? Well, lets try logging in: "ssh fooserver -lfoouser otp-md5 498 ma9612 ext S/Key Password:" So, using opiekey on the local machine: "opiekey 499 ma9612 Using the MD5 algorithm to compute response. Reminder: Don't use opiekey from telnet or dial-in sessions. Enter secret pass phrase: BROW LYRA RAKE TOTE HANS APT" Typing that in to the prompt doesn't let me login, oddly enough. So, what do I do? This is a fresh FreeBSD 4.5 install, and both the server and the local machine are running OPIE 2.32. -Ryan To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200202112056.19168.bodnar42>