{"id":98,"date":"2011-01-17T07:52:29","date_gmt":"2011-01-17T07:52:29","guid":{"rendered":"https:\/\/olkn.homelinux.net\/?p=98"},"modified":"2011-01-17T07:52:29","modified_gmt":"2011-01-17T07:52:29","slug":"otp-one-time-passwords","status":"publish","type":"post","link":"https:\/\/olkn.myvnc.com\/?p=98","title":{"rendered":"OTP &#8211; One Time Passwords"},"content":{"rendered":"<p>After the installation of anyterm on my sheeva I am now working on the integration of One Time Passwords to enable fullaccess to my network even from a compromised workstation in an internet cafe.<\/p>\n<p>I decided to go with OPIE &#8211; One-time Passwords In Everything which is using the S\/KEY system (http:\/\/www.inner.net\/opie).\u00a0 The installation is as easy as:<\/p>\n<p>aptitude install opie-server opie-client<\/p>\n<p>after that the pam module for SSH must be adjusted:<\/p>\n<p>\/etc\/pam.d\/sshd<\/p>\n<pre>auth sufficient pam_unix.so\nauth sufficient pam_opie.so\nauth required pam_deny.so<\/pre>\n<p>must be in whereas:<\/p>\n<pre>@include common-auth<\/pre>\n<p>must be out.<\/p>\n<p>Initialisation is done via:<\/p>\n<pre>opiepasswd -c<\/pre>\n<p>which gives you back the first password and seed. You need to give a passphrase for the actual account before the command completes.<\/p>\n<p>With the command opiekey the sequence number and the passphrase you can also get the apropriate password or with the option -n &lt;number&gt; a list of usable<br \/>\npasswords for printing.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>After the installation of anyterm on my sheeva I am now working on the integration of One Time Passwords to enable fullaccess to my network even from a compromised workstation in an internet cafe. I decided to go with OPIE &#8211; One-time Passwords In Everything which is using the S\/KEY system (http:\/\/www.inner.net\/opie).\u00a0 The installation is &hellip; <a href=\"https:\/\/olkn.myvnc.com\/?p=98\" class=\"more-link\">Continue reading <span class=\"screen-reader-text\">OTP &#8211; One Time Passwords<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[19],"tags":[75,90,93,95,96,97,112,114,120,121],"class_list":["post-98","post","type-post","status-publish","format-standard","hentry","category-debian-administration-software-projects","tag-key","tag-one-time-password","tag-opie","tag-otp","tag-passphrase","tag-password","tag-skey","tag-security","tag-ssh","tag-sshd"],"_links":{"self":[{"href":"https:\/\/olkn.myvnc.com\/index.php?rest_route=\/wp\/v2\/posts\/98","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/olkn.myvnc.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/olkn.myvnc.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/olkn.myvnc.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/olkn.myvnc.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=98"}],"version-history":[{"count":0,"href":"https:\/\/olkn.myvnc.com\/index.php?rest_route=\/wp\/v2\/posts\/98\/revisions"}],"wp:attachment":[{"href":"https:\/\/olkn.myvnc.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=98"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/olkn.myvnc.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=98"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/olkn.myvnc.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=98"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}