diff options
author | guido <guido@FreeBSD.org> | 1994-05-19 18:13:11 +0000 |
---|---|---|
committer | guido <guido@FreeBSD.org> | 1994-05-19 18:13:11 +0000 |
commit | 459ed7e4316bf44797e4098d54efd58a0803b3b6 (patch) | |
tree | bea6080606e2fc5fcfcff2cb5a12f3acd66bde2e /usr.bin/keyinit/keyinit.1 | |
parent | 58c979d79c586f4248423534773a1da04c7d198d (diff) | |
download | FreeBSD-src-459ed7e4316bf44797e4098d54efd58a0803b3b6.zip FreeBSD-src-459ed7e4316bf44797e4098d54efd58a0803b3b6.tar.gz |
1) Added s/key support .
2 Added optional excessive login logging.
3) Added login acces control on a per host/tty base.
4) See skey(1) for skey descriptions and src/usr.bin/login/README
for the logging and access control features.
-Guido
Diffstat (limited to 'usr.bin/keyinit/keyinit.1')
-rw-r--r-- | usr.bin/keyinit/keyinit.1 | 64 |
1 files changed, 64 insertions, 0 deletions
diff --git a/usr.bin/keyinit/keyinit.1 b/usr.bin/keyinit/keyinit.1 new file mode 100644 index 0000000..2fe2d03 --- /dev/null +++ b/usr.bin/keyinit/keyinit.1 @@ -0,0 +1,64 @@ +.ll 6i +.pl 10.5i +.\" @(#)keyinit.1 1.0 (Bellcore) 7/20/93 +.\" +.lt 6.0i +.TH KEYINIT 1 "20 July 1993" +.AT 3 +.SH NAME +keyinit \- Change password or add user to S/Key authentication system. +.SH SYNOPSIS +.B keyinit [\-s] [<user ID >] +.SH DESCRIPTION +.I keyinit +initializes the system so you can use S/Key one-time passwords to +login. The program will ask you to enter a secret pass phrase; enter a +phrase of several words in response. After the S/Key database has been +updated you can login using either your regular UNIX password or using +S/Key one-time passwords. +.PP +When logging in from another machine you can avoid typing a real +password over the network, by typing your S/Key pass phrase to the +\fIkey\fR command on the local machine: the program will respond with +the one-time password that you should use to log into the remote +machine. This is most conveniently done with cut-and-paste operations +using a mouse. Alternatively, you can pre-compute one-time passwords +using the \fIkey\fR command and carry them with you on a piece of paper. +.PP +\fIkeyinit\fR requires you to type your secret password, so it should +be used only on a secure terminal. For example, on the console of a +workstation. If you are using \fIkeyinit\fR while logged in over an +untrusted network, follow the instructions given below with the \-s +option. +.SH OPTIONS +.IP \-s +Set secure mode where the user is expected to have used a secure +machine to generate the first one time password. Without the \-s the +system will assume you are direct connected over secure communications +and prompt you for your secret password. +The \-s option also allows one to set the seed and count for complete +control of the parameters. You can use keyinit -s in compination with +the +.I key +command to set the seed and count if you do not like the defaults. +To do this run keyinit in one window and put in your count and seed +then run key in another window to generate the correct 6 english words +for that count and seed. You can then +"cut" and "paste" them or copy them into the keyinit window. +.sp +.LP +.B <user ID> +the ID for the user to be changed/added +.SH DIAGNOSTICS +.SH FILES +.TP +/etc/skeykeys data base of information for S/Key system. +.SH BUGS +.LP +.SH SEE ALSO +.BR skey(1), +.BR key(1), +.BR keysu(1), +.BR keyinfo(1) +.SH AUTHOR +Command by Phil Karn, Neil M. Haller, John S. Walden |