From 1d36303c9d64f25a0faa0196320d2d1a0b568680 Mon Sep 17 00:00:00 2001 From: Mark Murray Date: Wed, 19 Sep 2001 14:05:27 +0000 Subject: [PATCH] Update for OPIE use in CURRENT. Tested against: "make lint" using the docproj port. --- .../books/handbook/security/chapter.sgml | 206 +++++++++++------- 1 file changed, 131 insertions(+), 75 deletions(-) diff --git a/en_US.ISO8859-1/books/handbook/security/chapter.sgml b/en_US.ISO8859-1/books/handbook/security/chapter.sgml index c7cdc1fc65..7817a8e2c0 100644 --- a/en_US.ISO8859-1/books/handbook/security/chapter.sgml +++ b/en_US.ISO8859-1/books/handbook/security/chapter.sgml @@ -1,7 +1,7 @@ 
@@ -984,73 +984,82 @@ lrwxr-xr-x 1 root wheel 15 Mar 19 06:56 libcrypt_p.a -> libdescrypt_p.a + From version 5.0 of FreeBSD, S/Key has been replaced with + the functionally equivalent OPIE (Onetime Passwords In + Everything). OPIE uses the MD5 hash by default. + There are three different sorts of passwords which we will talk about in the discussion below. The first is your usual Unix-style or Kerberos password; we will call this a Unix password. The second sort is the one-time password which is generated by the - S/Key key program and accepted by the - keyinit program and the login prompt; we will + S/Key key program or the OPIE + opiekey program and accepted by the + keyinit or opiepasswd programs + and the login prompt; we will call this a one-time password. The final sort of password is the secret password which you give to the - key program (and sometimes the - keyinit program) which it uses to generate + key/opiekey programs (and + sometimes the + keyinit/opiepasswd programs) + which it uses to generate one-time passwords; we will call it a secret password or just unqualified password. The secret password does not have anything to do with your Unix password; they can be the same but this is not recommended. S/Key - secret passwords are not limited to 8 characters like Unix passwords, - they can be as long as you like. Passwords of six or seven word - long phrases are fairly common. For the most part, the S/Key system - operates completely independently of the Unix password - system. + and OPIE secret passwords are not limited to 8 characters like Unix + passwords, they can be as long as you like. Passwords of six or + seven word long phrases are fairly common. For the most part, the + S/Key or OPIE system operates completely independently of the Unix + password system. Besides the password, there are two other pieces of data that - are important to S/Key. One is what is known as the + are important to S/Key and OPIE. 
One is what is known as the seed or key, consisting of two letters and five digits. The other is what is called the iteration count, a number between 1 and 100. S/Key creates the one-time password by concatenating the seed and the secret password, - then applying the MD4 hash as many times as specified by the + then applying the MD4/MD5 hash as many times as specified by the iteration count and turning the result into six short English words. These six English words are your one-time password. The - login and su programs keep + authentication system (primarily PAM) keeps track of the last one-time password used, and the user is authenticated if the hash of the user-provided password is equal to the previous password. Because a one-way hash is used it is impossible to generate future one-time passwords if a successfully used password is captured; the iteration count is decremented after each successful login to keep the user and the login program in - sync. When the iteration count gets down to 1, S/Key must be + sync. When the iteration count gets down to 1, S/Key and OPIE must be reinitialized. - There are four programs involved in the S/Key system which we - will discuss below. The key program accepts an - iteration count, a seed, and a secret password, and generates a - one-time password. The keyinit program is used - to initialize S/Key, and to change passwords, iteration counts, or - seeds; it takes either a secret password, or an iteration count, - seed, and one-time password. The keyinfo program - examines the /etc/skeykeys file and prints out - the invoking user's current iteration count and seed. Finally, the - login and su programs contain - the necessary logic to accept S/Key one-time passwords for - authentication. The login program is also - capable of disallowing the use of Unix passwords on connections - coming from specified addresses. + There are three programs involved in each system + which we will discuss below. 
The key and + opiekey programs accept an iteration + count, a seed, and a secret password, and generate a one-time + password or or a consecutive list of one-time passwords. The + keyinit and opiepasswd + programs are used to initialize S/Key and OPIE respectively, + and to change passwords, iteration counts, or seeds; they + take either a secret passphrase, or an iteration count, + seed, and one-time password. The keyinfo + and opieinfo programs examine the + relevant credentials files (/etc/skeykeys or + /etc/opiekeys) and print out the invoking user's + current iteration count and seed. There are four different sorts of operations we will cover. The - first is using the keyinit program over a secure - connection to set up S/Key for the first time, or to change your - password or seed. The second operation is using the - keyinit program over an insecure connection, in - conjunction with the key program over a secure - connection, to do the same. The third is using the - key program to log in over an insecure - connection. The fourth is using the key program - to generate a number of keys which can be written down or printed - out to carry with you when going to some location without secure - connections to anywhere. + first is using keyinit or + opiepasswd over a secure connection to set up + one-time-passwords for the first time, or to change your password + or seed. The second operation is using keyinit + or opiepasswd over an insecure connection, in + conjunction with key or opiekey + over a secure connection, to do the same. The third is using + key/opiekey to log in over + an insecure connection. The fourth is using key + or opiekey to generate a number of keys which + can be written down or printed out to carry with you when going to + some location without secure connections to anywhere. Secure Connection Initialization 
@@ -1071,12 +1080,28 @@ Again secret password: ID unfurl s/key is 99 to17757 DEFY CLUB PRO NASH LACE SOFT - At the Enter secret password: prompt, you + For OPIE, opiepasswd is used instead: + + &prompt.user; opiepasswd -c +[grimreaper] ~ $ opiepasswd -f -c +Adding unfurl: +Only use this method from the console; NEVER from remote. If you are using +telnet, xterm, or a dial-in, type ^C now or exit with no password. +Then run opiepasswd without the -c parameter. +Using MD5 to compute responses. +Enter new secret pass phrase: +Again new secret pass phrase: +ID unfurl OTP key is 499 to4268 +MOS MALL GOAT ARM AVID COED + + + At the Enter new secret pass phrase: or + Enter secret password: prompts, you should enter a password or phrase. Remember, this is not the password that you will use to login with, this is used to generate your one-time login keys. The ID line gives the - parameters of your particular S/Key instance; your login name, the - iteration count, and seed. When logging in with S/Key, the system + parameters of your particular instance; your login name, the + iteration count, and seed. When logging in the system will remember these parameters and present them back to you so you do not have to remember them. The last line gives the particular one-time password which corresponds to those parameters and your @@ -1087,10 +1112,10 @@ DEFY CLUB PRO NASH LACE SOFT Insecure Connection Initialization - To initialize S/Key or change your secret password over an + To initialize change your secret password over an insecure connection, you will need to already have a secure - connection to some place where you can run the - key program; this might be in the form of a + connection to some place where you can run key + or opiekey; this might be in the form of a desk accessory on a Macintosh, or a shell prompt on a machine you trust. You will also need to make up an iteration count (100 is probably a good value), and you may make up your own seed or use a 
@@ -1105,7 +1130,26 @@ Reminder you need the 6 English words from the key command. Enter sequence count from 1 to 9999: 100 Enter new key [default to17759]: s/key 100 to 17759 -s/key access password: +s/key access password: +s/key access password:CURE MIKE BANE HIM RACY GORE + + + For OPIE, you need to use opiepasswd: + + &prompt.user; opiepasswd + +Updating unfurl: +You need the response from an OTP generator. +Old secret pass phrase: + otp-md5 498 to4268 ext + Response: GAME GAG WELT OUT DOWN CHAT +New secret pass phrase: + otp-md5 499 to4269 + Response: LINE PAP MILK NELL BUOY TROY + +ID mark OTP key is 499 gr4269 +LINE PAP MILK NELL BUOY TROY + To accept the default seed (which the keyinit program confusingly calls a @@ -1118,22 +1162,23 @@ Reminder - Do not use this program while logged in via telnet or rlogin. Enter secret password: <secret password> CURE MIKE BANE HIM RACY GORE + Or for OPIE: + + &prompt.user; opiekey 498 to4268 +Using the MD5 algorithm to compute response. +Reminder: Don't use opiekey from telnet or dial-in sessions. +Enter secret pass phrase: +GAME GAG WELT OUT DOWN CHAT + + Now switch back over to the insecure connection, and copy the - one-time password generated by key over to the - keyinit program: - - s/key access password:CURE MIKE BANE HIM RACY GORE -ID unfurl s/key is 100 to17759 -CURE MIKE BANE HIM RACY GORE - - The rest of the description from the previous section applies - here as well. + one-time password generated over to the relevant program. Generating a Single one-time Password - Once you have initialized S/Key, when you login you will be + Once you have initialized S/Key or OPIE, when you login you will be presented with a prompt like this: &prompt.user; telnet example.com 
@@ -1147,15 +1192,24 @@ login: <username> s/key 97 fw13894 Password: - As a side note, the S/Key prompt has a useful feature + Or for OPIE: + +&prompt.user; telnet example.com +Trying 10.0.0.1... +Connected to example.com +Escape character is '^]'. + +FreeBSD/i386 (example.com) (ttypa) + +login: <username> +otp-md5 498 gr4269 ext +Password: + + As a side note, the S/Key and OPIE prompts have a useful feature (not shown here): if you press return at the password prompt, the - login program will turn echo on, so you can see what you are + prompter will turn echo on, so you can see what you are typing. This can be extremely useful if you are attempting to - type in an S/Key by hand, such as from a printout. Also, if this - machine were configured to disallow Unix passwords over a - connection from the source machine, the prompt would have also included - the annotation (s/key required), indicating - that only S/Key one-time passwords will be accepted. + type in a password by hand, such as from a printout. MS-DOS Windows @@ -1163,12 +1217,12 @@ Password: At this point you need to generate your one-time password to answer this login prompt. This must be done on a trusted system - that you can run the key command on. (There - are versions of the key program for MS-DOS, - Windows and MacOS as well.) The key program - needs both the iteration count and the seed as command line - options. You can cut-and-paste these right from the login prompt - on the machine that you are logging in to. + that you can run key or + opiekey on. (There are versions of these for DOS, + Windows and MacOS as well.) They need both the iteration count and + the seed as command line options. You can cut-and-paste these + right from the login prompt on the machine that you are logging + in to. On the trusted system: 
@@ -1177,6 +1231,14 @@ Reminder - Do not use this program while logged in via telnet or rlogin. Enter secret password: WELD LIP ACTS ENDS ME HAAG + For OPIE: + + &prompt.user; opiekey 498 to4268 +Using the MD5 algorithm to compute response. +Reminder: Don't use opiekey from telnet or dial-in sessions. +Enter secret pass phrase: +GAME GAG WELT OUT DOWN CHAT + Now that you have your one-time password you can continue logging in: @@ -1187,12 +1249,6 @@ s/key 97 fw13894 Password [echo on]: WELD LIP ACTS ENDS ME HAAG Last login: Tue Mar 21 11:56:41 from 10.0.0.2 ... - This is the easiest mechanism if you have - a trusted machine. There is a Java S/Key key - applet, The Java OTP - Calculator, that you can download and run locally on any - Java supporting browser.
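Review bot: in the @@ -984 hunk the added line `password or or a consecutive list of one-time passwords. The` doubles the word "or"; drop one. In the same hunk the program list shrinks from four to three because `login` and `su` are no longer described; the only remaining statement of who accepts the one-time password is "authentication system (primarily PAM)" further up. A single sentence after the `keyinfo`/`opieinfo` description saying that `login` and `su` accept these passwords through PAM would keep the list complete for a reader coming from the old text.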
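Review bot: the OPIE transcript in the @@ -1071 hunk shows two different invocations: the prompt line `&prompt.user; opiepasswd -c` and the captured line `[grimreaper] ~ $ opiepasswd -f -c`. The second is the author's own shell prompt pasted in with the output and carries a `-f` flag the text never explains; remove that line or make the two commands agree. Also, the edited sentence `iteration count, and seed. When logging in the system` needs a comma after "logging in".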
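Review bot: in the @@ -1087 hunk the changed line `To initialize change your secret password over an` lost its connective and no longer names the systems; the old line read "To initialize S/Key or change your secret password". Suggest "To initialize S/Key or OPIE, or to change your secret password, over an insecure connection".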
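Review bot: the `opiepasswd` transcript in the @@ -1105 hunk is internally inconsistent: it opens with `Updating unfurl:` and shows the new challenge `otp-md5 499 to4269`, but closes with `ID mark OTP key is 499 gr4269`, so the login name and the seed both change between the challenge and the summary line. The closing lines should repeat the same user and the seed from the `New secret pass phrase:` challenge, since the reader is told to match these values up. On the S/Key side of the same hunk, `s/key access password:` now appears twice in a row, once empty and once with `CURE MIKE BANE HIM RACY GORE`; one copy is enough.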
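Review bot: the @@ -1118 hunk removes `ID unfurl s/key is 100 to17759` and the trailing `CURE MIKE BANE HIM RACY GORE`, which were the confirmation output of a successful `keyinit` run; after this change the S/Key transcript stops at the point where the response is typed, while the OPIE transcript still ends with its `ID ... OTP key is` summary. Keep the S/Key confirmation lines so both examples show what a completed run looks like.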
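Review bot: in the @@ -1147 hunk "the prompter will turn echo on" is unclear; the old text said the `login` program, and "the login prompt" or "the program prompting you" would read better. The same hunk drops the paragraph about the `(s/key required)` annotation and refusing Unix passwords from specified source addresses without replacing it; if that restriction still exists for S/Key, OPIE, or both, it should be described here, and if it does not apply to OPIE the text should say so instead of silently removing the feature.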
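Review bot: the `For OPIE:` block in the @@ -1177 hunk repeats the transcript from the @@ -1118 hunk verbatim (`opiekey 498 to4268` giving `GAME GAG WELT OUT DOWN CHAT`), but the login prompt it is meant to answer, added in the @@ -1147 hunk, reads `otp-md5 498 gr4269 ext`. The response depends on the seed, so a reader who pastes the prompt's parameters into `opiekey` will not get the words shown, and reusing the same one-time password in both the initialization and the login walkthrough contradicts the point that each password is used once. Use a single seed across the login example and a different count than the initialization example.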
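Review bot: the @@ -1187 hunk removes the paragraph pointing at the Java OTP Calculator applet, and the commit message ("Update for OPIE use in CURRENT") does not say why. If the applet is being dropped because it only supports S/Key, a one-line note in the commit message, or keeping the reference marked as S/Key-only, would save the next editor from restoring it.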