Cryptography Reference
In-Depth Information
Of course, you can print the passwords if there's no computer around, but
you'd have to watch the list carefully.
What you'd normally do is you'd create 100 passwords in spare (or more if
you plan on going on a long trip). A shell script called opieremind that nice
administrators have running regularly reminds all users concerned by email
that less than 15 passwords are left. This means that it's about time to run
opiepasswd again to create a new password list. Otherwise, OPIE warns you
upon login when less than ten or five passwords are left.
Some Doubts
One-time passwords are very secure from the cryptological point of view. A
new password list should be created only directly at the computer concerned or
over a secure connection (e.g., using SSH) to ensure that eavesdroppers at the
network can never intercept a valid password. Still, a few weaknesses remain:
- The password verification is only based on a required minimum length. This is 4 with S/Key and Logdaemon, and 10 with OPIE. That is not strong enough protection; it opens the way to dictionary attacks, for example.
- Ciphering errors shouldn't play a role in modern software anymore.
- OPIE and Logdaemon let you specify 'trustworthy' networks from where you can log in (using the usual password). If you work at your own computer you won't be working with one-time passwords. But it is impossible to activate OPIE for dynamically assigned IP addresses — you'd have to state the network address. This is a hindrance in practice. Logdaemon is more flexible in this respect and should be preferred over OPIE and S/Key.
- OPIE borrowed special data structures from the UNIX system, which means that it is not particularly portable (except for opiekey, the 'OPIE calculator', which is a pure computing program). The program comes from the BSD world, and you can tell. Porting it to non-BSD and non-Sun systems is difficult. Logdaemon seems to be doing better in this respect.
- There are several inconsistencies (e.g., 'OPIE' in the program, 'OTP' in the documentation) and plenty of typos, leaving a bad impression.
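To make the mechanism behind the password list, the "passwords left" reminders and the length-only passphrase rule concrete, here is an added example that is not from the book and not code from OPIE, S/Key or Logdaemon. It builds a simplified S/Key-style hash chain: the server stores only the top of the chain, each login presents the next lower link, and the server checks it by hashing once. Real S/Key (RFC 1760) and OPIE fold an MD4/MD5 digest to 64 bits and print each password as six short words; this example uses SHA-256 hex strings, the thresholds 15 and 10 from the text, a constructed passphrase and seed, and a toy dictionary that stands in for a real wordlist.

```python
import hashlib
import hmac

# Added example (not from the book or the OPIE/S/Key sources): a simplified
# S/Key-style one-time password list. Real S/Key (RFC 1760) and OPIE fold an
# MD4/MD5 digest to 64 bits and encode each password as six English words;
# here SHA-256 hex strings are used so the chain structure stays visible.

REMIND_THRESHOLD = 15  # opieremind mails the user below this many passwords
WARN_THRESHOLD = 10    # OPIE itself warns at login below this many


def _step(value: bytes) -> bytes:
    """One link of the hash chain."""
    return hashlib.sha256(value).digest()


def generate_chain(secret: str, seed: str, count: int) -> list:
    """Return H^1(s), H^2(s), ..., H^(count+1)(s) as hex, with s = secret + seed."""
    value = (secret + seed).encode()
    chain = []
    for _ in range(count + 1):
        value = _step(value)
        chain.append(value.hex())
    return chain


def client_passwords(secret: str, seed: str, count: int) -> list:
    """The printed list in the order it is consumed: highest index first."""
    chain = generate_chain(secret, seed, count)
    return chain[count - 1::-1]


class OtpServer:
    """Stores only the top of the chain; never holds the secret passphrase."""

    def __init__(self, secret: str, seed: str, count: int):
        self.stored = generate_chain(secret, seed, count)[count]
        self.remaining = count

    def verify(self, candidate_hex: str) -> bool:
        """Accept exactly the next password: hashing it once must give `stored`."""
        if self.remaining == 0:
            return False
        try:
            candidate = bytes.fromhex(candidate_hex)
        except ValueError:
            return False
        if not hmac.compare_digest(_step(candidate).hex(), self.stored):
            return False
        # The used password becomes the new anchor, so replaying it fails.
        self.stored = candidate_hex
        self.remaining -= 1
        return True

    def status(self) -> str:
        """Mirror the two reminder levels described in the text."""
        if self.remaining < WARN_THRESHOLD:
            return "warn"
        if self.remaining < REMIND_THRESHOLD:
            return "remind"
        return "ok"


# The length-only rule the text criticises: OPIE requires 10 characters.
MIN_PASSPHRASE_LEN = 10
# Constructed toy wordlist standing in for a real dictionary.
TOY_DICTIONARY = {"administrator", "correcthorse", "passwordpassword"}


def passphrase_ok_length_only(passphrase: str) -> bool:
    """What the text says the tools check: nothing but the length."""
    return len(passphrase) >= MIN_PASSPHRASE_LEN


def passphrase_ok(passphrase: str, dictionary=TOY_DICTIONARY) -> bool:
    """Length plus a dictionary check, the extra rule the text argues for."""
    return (len(passphrase) >= MIN_PASSPHRASE_LEN
            and passphrase.lower() not in dictionary)


if __name__ == "__main__":
    secret, seed = "constructed example passphrase", "ex1234"  # constructed
    server = OtpServer(secret, seed, 20)
    for pw in client_passwords(secret, seed, 20):
        print(server.verify(pw), server.remaining, server.status())
```

Two properties worth noticing when running it: a password that has already been accepted is rejected on a second try, because the server's anchor has moved down the chain; and the `status()` values change from "ok" to "remind" to "warn" exactly at the 15 and 10 thresholds from the text, which is the point at which a user should run opiepasswd again rather than run the list dry.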
If you are not allowed to use the login program on your system, have a look at skeysh, a program that belongs to Logdaemon. It is similar to an S/Key login