BC> I can't figure out how to use the skey login for telnet It's pretty simple.
(1.) Make sure you have telnet enabled, typically by uncommenting it in /etc/inetd.conf and "pkill -1 inetd". (2.) As the user who wants to make use of SKEYs, run skeyinit once. You don't need any parameters. You will have to provide some "secret password" used as some of the generators of the SKEY sequences. You can simply reuse your standard login password or choose a new secret. skeyinit will end with some info like: ID cartwright skey is otp-md4 100 hack123456 Next login password: DIRT THUD ABLE IFFY ROVE FUD The above is the login access for the first, skey-based login coming up next, identified by a series id (hack123456) and running number (100, 99, 98, ...) . You will very likely be interested in a slightly longer list of the upcoming skeys phrases. Get this by entering: skey -n 10 100 hack123456 and your secret when prompted. You can recreate the list any time. Later on you would be interested in the list going from, say, 90 - 80. (3.) After your skeyinit, login prompts in telnet, rlogin, slogin, and you console (whatever is making use of the skey PAM module) will look like this: Password [ otp-md4 100 hack123456 ]: ____ At this point you can either use either your standard password or use & burn the next SKEY phrase from you list. For the "100 hack123456" identifier, you could enter "dirt thud able iffy rove fud" (case doesn't matter), and after have used this, you would be prompted with "Password [ otp-md4 99 hack123456 ]:" and could use the "99" phrase. The beautiful thing is that you can switch between you standard login password and an skey phrase any time. You don't have to commit to skeys completely by using them once. Give it a try! HTH, Martin