opiepasswd - Change or set a user's password for the OPIE authentication
opiepasswd [-v] [-h] [-c|-d] [-f]
[-n initial_sequence_number ] [-s seed ] [ user_name ]
opiepasswd will initialize the system information to allow one to use
OPIE to login. opiepasswd is downward compatible with the keyinit(1)
program from the Bellcore S/Key Version 1 distribution.
-v Display the version number and compile-time options, then
-h Display a brief help message and exit.
-c Set console mode where the user is expected to have
secure access to the system. In console mode, you will be
asked to input your password directly instead of having
to use an OPIE calculator. If you do not have secure
access to the system (i.e., you are not on the system's
console), you are volunteering your password to attackers
by using this mode.
-d Disable OTP logins to the specified account.
-f Force opiepasswd to continue, even where it normally
shouldn't. This is currently used to force opiepasswd to
operate in "console" mode even from terminals it believes
to be insecure. It can also allow users to disclose their
secret pass phrases to attackers. Use of the -f flag may
be disabled by compile-time option in your particular
build of OPIE.
-n Manually specify the initial sequence number. The default
-s Specify a non-random seed. The default is to generate a
"random" seed using the first two characters of the host
name and five pseudo-random digits.
Using opiepasswd from the console:
wintermute$ opiepasswd -c
Reminder - Only use this method from the console; NEVER from
remote. If you
are using telnet, xterm, or a dial-in, type ^C now or exit with
Then run opiepasswd without the -c parameter.
Using MD5 to compute responses.
Enter old secret pass phrase:
Enter new secret pass phrase:
Again new secret pass phrase:
ID kebe OPIE key is 499 be93564
CITE JAN GORY BELA GET ABED
Using opiepasswd from remote:
Reminder: You need the response from your OPIE calculator.
Old secret password:
otp-md5 482 wi93563
Response: FIRM BERN THEE DUCK MANN AWAY
New secret password:
otp-md5 499 wi93564
Response: SKY FAN BUG HUFF GUS BEAT
ID kebe OPIE key is 499 wi93564
SKY FAN BUG HUFF GUS BEAT
/etc/opiekeys -- database of key information for the OPIE system.
ftpd(8), login(1), passwd(1), opie(4), opiekey(1), opieinfo(1),
su(1), opiekeys(5), opieaccess(5)
Bellcore's S/Key was written by Phil Karn, Neil M. Haller, and
John S. Walden of Bellcore. OPIE was created at NRL by Randall
Atkinson, Dan McDonald, and Craig Metz.
S/Key is a trademark of Bell Communications Research (Bellcore).
OPIE is discussed on the Bellcore "S/Key Users" mailing list. To
join, send an email request to:
7th Edition January 10, 1995 OPIEPASSWD(1)
[ Back ]