diff options
| author |   otto <otto@openbsd.org> | 2004-06-04 18:18:20 +0000 |
|---|---|---|
| committer | otto <otto@openbsd.org> | 2004-06-04 18:18:20 +0000 |
| commit | b411b0a84db3b3c485502b134ec3e2fa502d7ddc (patch) | |
| tree | b244fdf243a909f4b4a71ff821069e47f2bb98ca /usr.bin/skeyinit | |
| parent | Bugs section, of course: we don't support event capabilities yet. (diff) | |
| download | wireguard-openbsd-b411b0a84db3b3c485502b134ec3e2fa502d7ddc.tar.xz wireguard-openbsd-b411b0a84db3b3c485502b134ec3e2fa502d7ddc.zip | |
Consistently use "secret passphrase" for the passphrase made up by the user
and "one-time password" for the generated passwords.
ok jmc@ millert@
Diffstat (limited to 'usr.bin/skeyinit')
| -rw-r--r-- | usr.bin/skeyinit/skeyinit.1 | 13 | ||||
| -rw-r--r-- | usr.bin/skeyinit/skeyinit.c | 4 |
2 files changed, 9 insertions, 8 deletions
diff --git a/usr.bin/skeyinit/skeyinit.1 b/usr.bin/skeyinit/skeyinit.1 index 6ebe845f013..4195428ed0d 100644 --- a/usr.bin/skeyinit/skeyinit.1 +++ b/usr.bin/skeyinit/skeyinit.1 @@ -1,4 +1,4 @@ -.\" $OpenBSD: skeyinit.1,v 1.26 2003/06/10 09:12:11 jmc Exp $ +.\" $OpenBSD: skeyinit.1,v 1.27 2004/06/04 18:18:20 otto Exp $ .\" $NetBSD: skeyinit.1,v 1.4 1995/07/07 22:24:09 jtc Exp $ .\" @(#)skeyinit.1 1.1 10/28/93 .\" @@ -26,14 +26,16 @@ .Sh DESCRIPTION .Nm initializes the system so you can use S/Key one-time passwords to login. -The program will ask you to enter a secret pass phrase; +The program will ask you to enter a secret passphrase which is used by +.Xr skey 1 +to generate one-time passwords; enter a phrase of several words in response. After the S/Key database has been updated you can login using either your regular password or using S/Key one-time passwords. .Pp .Nm -requires you to type a secret password, so it should be used +requires you to type a secret passphrase, so it should be used only on a secure terminal. For example, on the console of a workstation or over an encrypted network session. @@ -80,7 +82,7 @@ machine to generate the first one-time password. Without the .Fl s option the system will assume you are directly connected over secure -communications and prompt you for your secret password. +communications and prompt you for your secret passphrase. The .Fl s option also allows one to set the seed and count for complete @@ -114,10 +116,9 @@ defeats the purpose of using .Dq secure mode. .It Fl x -Displays pass phrase in hexadecimal instead of ASCII. +Displays one-time password in hexadecimal instead of ASCII. .It Fl a Ar auth-type Specify an authentication type such as -.Dq krb4 , .Dq krb5 or .Dq passwd . diff --git a/usr.bin/skeyinit/skeyinit.c b/usr.bin/skeyinit/skeyinit.c index a72d24ec983..f86687cfa19 100644 --- a/usr.bin/skeyinit/skeyinit.c +++ b/usr.bin/skeyinit/skeyinit.c @@ -1,4 +1,4 @@ -/* $OpenBSD: skeyinit.c,v 1.45 2003/11/26 00:05:27 espie Exp $ */ +/* $OpenBSD: skeyinit.c,v 1.46 2004/06/04 18:18:20 otto Exp $ */ /* OpenBSD S/Key (skeyinit.c) * @@ -412,7 +412,7 @@ normal_mode(char *username, int n, char *key, char *seed) if (i > 2) errx(1, "S/Key entry not updated"); - if (readpassphrase("Enter secret passphrase: ", passwd, + if (readpassphrase("Enter new secret passphrase: ", passwd, sizeof(passwd), 0) == NULL || passwd[0] == '\0') exit(1); |