Merge branch 'vendor/MDOCML'
[dragonfly.git] / contrib / opie / opiepasswd.1
CommitLineData
984263bc
MD
1.\" opiepasswd.1: Manual page for the opiepasswd(1) program.
2.\"
3.\" %%% portions-copyright-cmetz-96
4.\" Portions of this software are Copyright 1996-1999 by Craig Metz, All Rights
5.\" Reserved. The Inner Net License Version 2 applies to these portions of
6.\" the software.
7.\" You should have received a copy of the license with this software. If
8.\" you didn't get a copy, you may request one from <license@inner.net>.
9.\"
10.\" Portions of this software are Copyright 1995 by Randall Atkinson and Dan
11.\" McDonald, All Rights Reserved. All Rights under this copyright are assigned
12.\" to the U.S. Naval Research Laboratory (NRL). The NRL Copyright Notice and
13.\" License Agreement applies to this software.
14.\"
15.\" History:
16.\"
17.\" Modified by cmetz for OPIE 2.4. Fixed spelling bug.
18.\" Modified by cmetz for OPIE 2.3. Added -f flag documentation.
19.\" Updated console example.
20.\" Modified by cmetz for OPIE 2.2. Removed MJR DES documentation.
21.\" Modified at NRL for OPIE 2.0.
22.\" Written at Bellcore for the S/Key Version 1 software distribution
23.\" (keyinit.1).
24.\"
25.\" $FreeBSD: src/contrib/opie/opiepasswd.1,v 1.3.6.3 2002/07/15 14:48:43 des Exp $
1de703da 26.\" $DragonFly: src/contrib/opie/opiepasswd.1,v 1.2 2003/06/17 04:24:05 dillon Exp $
984263bc
MD
27.ll 6i
28.pl 10.5i
29.lt 6.0i
30.TH OPIEPASSWD 1 "January 10, 1995"
31.AT 3
32.SH NAME
33opiepasswd \- Change or set a user's password for the OPIE authentication
34system.
35
36.SH SYNOPSIS
37.B opiepasswd
38[\-v] [\-h] [\-c|\-d] [\-f]
39.sp 0
40[\-n
41.I initial_sequence_number
42]
43[\-s
44.I seed
45] [
46.I user_name
47]
48
49.SH DESCRIPTION
50.I opiepasswd
51will initialize the system information to allow one to use OPIE to login.
52.I opiepasswd
53is downward compatible with the keyinit(1) program from the
54Bellcore S/Key Version 1 distribution.
55
56.SH OPTIONS
57.TP
58.TP
59.B \-v
60Display the version number and compile-time options, then exit.
61.TP
62.B \-h
63Display a brief help message and exit.
64.TP
65.B \-c
66Set console mode where the user is expected to have secure access to the
67system. In console mode, you will be asked to input your password directly
68instead of having to use an OPIE calculator. If you do not have secure access
69to the system (i.e., you are not on the system's console), you are
70volunteering your password to attackers by using this mode.
71.TP
72.B \-d
73Disable OTP logins to the specified account.
74.TP
75.B \-f
76Force
77.I opiepasswd
78to continue, even where it normally shouldn't. This is currently used to
79force opiepasswd to operate in "console" mode even from terminals it believes
80to be insecure. It can also allow users to disclose their secret pass phrases
81to attackers. Use of the -f flag may be disabled by compile-time option in
82your particular build of OPIE.
83.TP
84.B \-n
85Manually specify the initial sequence number. The default is 499.
86.TP
87.B \-s
88Specify a non-random seed. The default is to generate a "random" seed using
89the first two characters of the host name and five pseudo-random digits.
90.SH EXAMPLE
91Using
92.I opiepasswd
93from the console:
94.LP
95.sp 0
96wintermute$ opiepasswd \-c
97.sp 0
98Updating kebe:
99.sp 0
100Reminder \- Only use this method from the console; NEVER from remote. If you
101.sp 0
102are using telnet, xterm, or a dial\-in, type ^C now or exit with no password.
103.sp 0
104Then run opiepasswd without the \-c parameter.
105.sp 0
106Using MD5 to compute responses.
107.sp 0
108Enter old secret pass phrase:
109.sp 0
110Enter new secret pass phrase:
111.sp 0
112Again new secret pass phrase:
113.sp 0
114
115.sp 0
116ID kebe OPIE key is 499 be93564
117.sp 0
118CITE JAN GORY BELA GET ABED
119.sp 0
120wintermute$
121.LP
122Using
123.I opiepasswd
124from remote:
125.LP
126.sp 0
127wintermute$ opiepasswd
128.sp 0
129Updating kebe:
130.sp 0
131Reminder: You need the response from your OPIE calculator.
132.sp 0
133Old secret password:
134.sp 0
135 otp-md5 482 wi93563
136.sp 0
137 Response: FIRM BERN THEE DUCK MANN AWAY
138.sp 0
139New secret password:
140.sp 0
141 otp-md5 499 wi93564
142.sp 0
143 Response: SKY FAN BUG HUFF GUS BEAT
144.sp 0
145
146.sp 0
147ID kebe OPIE key is 499 wi93564
148.sp 0
149SKY FAN BUG HUFF GUS BEAT
150.sp 0
151wintermute$
152.LP
153.SH FILES
154.TP
155/etc/opiekeys -- database of key information for the OPIE system.
156
157.SH SEE ALSO
158.BR ftpd (8),
159.BR login (1),
160.BR passwd (1),
161.BR opie (4),
162.BR opiekey (1),
163.BR opieinfo (1),
164.BR su (1),
165.BR opiekeys (5),
166.BR opieaccess (5)
167
168.SH AUTHOR
169Bellcore's S/Key was written by Phil Karn, Neil M. Haller, and John S. Walden
170of Bellcore. OPIE was created at NRL by Randall Atkinson, Dan McDonald, and
171Craig Metz.
172
173S/Key is a trademark of Bell Communications Research (Bellcore).
174
175.SH CONTACT
176OPIE is discussed on the Bellcore "S/Key Users" mailing list. To join,
177send an email request to:
178.sp
179skey-users-request@thumper.bellcore.com