SKEY(5) BSD Reference Manual SKEY(5)
skey - one-time password user database
The /etc/skey directory contains user records for the S/Key one-time password authentication system. Records take the form of files within /etc/skey where each file is named for the user whose record it contains. For example, /etc/skey/root would hold root's S/Key record. The mode for /etc/skey should be 01730 and it should be owned by root and group auth. Individual records within /etc/skey should be owned by the user they describe and be mode 0600. To access S/Key records, a process must run as group auth. Each record consists of five lines: 1. The name of the user the record describes. This should be the same as the name of the file. 2. The hash type used for this entry; one of md4, md5, sha1, or rmd160. The default is md5. 3. The sequence number. This is a decimal number between one and one thousand. Each time the user authenticates via S/Key this number is decremented by one. 4. A seed used along with the sequence number and the six S/Key words to compute the value. 5. The value expected from the crunching of the user's seed, sequence number and the six S/Key words. When the result matches this value, authentication is considered to have been successful.
Here is a sample /etc/skey file for root: root md5 99 obsd36521 1f4359a3764b675d
skey(1), skeyinit(1), skey(3) MirOS BSD #10-current May 16, 2002 1
Generated on 2015-10-25 00:47:46 by $MirOS: src/scripts/roff2htm,v 1.81 2015/10/16 13:19:09 tg Exp $
These manual pages and other documentation are copyrighted by their respective writers;
their source is available at our CVSweb,
AnonCVS, and other mirrors. The rest is Copyright © 2002–2015 The MirOS Project, Germany.
This product includes material provided by mirabilos.
This manual page’s HTML representation is supposed to be valid XHTML/1.1; if not, please send a bug report – diffs preferred.