Using OTP

Last update: March 23, 2001

You cannot access dns2.ableminds.com using standard FTP or Telnet software because login via these services are not available on our servers for security reasons. The specific problems with these protocols is that the user's password is sent from the client workstation to the server as plain text, which can be intercepted by a hacker. You can use One-Time Passwords (OTP) with an FTP client, but it is most convenient to use an FTP client that has built-in support for OTP and specifically for the md4 algorithm. The OTP software we use at present on our servers is s/key (secure key). There is also server software called Opie which uses the md5 or md4 algorithm.

You can also transfer files using scp (secure copy), but this requires a shell client that supports ssh and scp. See our support page on ssh and scp for more information.

Macintosh

An FTP program for the Macintosh that supports OTP directly is Fetch. You can download Fetch at http://http://www.dartmouth.edu/pages/softdev/fetch.html.

Another Macintosh program that supports OTP is NetFinder. It uses a Macintosh Finder interface which some people might prefer. You can download this $35 software at:
http://ftp.oleane.net/pub/mac/fr/FTP/NetFinder/.

If you are using an FTP program that doesn't have the md4 algorithm for generating an OTP, you can download and use a program called to generate the OTP and paste it into your FTP client's password prompt.

You can download skey for the Mac at:
ftp://ftp.msri.org/pub/skey/skey.hqx

You can download MacOpie at:
ftp://ftp.cs.colorado.edu/pub/skey/UNSUPPORTED/mac.sit.hqx

Alternatively we can help you create a file of OTPs you can print out and enter for each login (however, then you have to type them in). Then you can don't have to keep track of the public key and counter, but instead cross off each password after you use it to login for FTP.

Windows

An FTP program for Windows that supports OTP directly is Voyager. You can download Voyager at http://www.ftpvoyager.com.

If you are using an FTP program that doesn't have the md4 algorithm for generating an OTP, you can download and use a program to generate the OTP and paste it into your FTP client's password prompt. There are several programs that can do this including WinKey.exe (not to be confused with the keyboard utility of the same name). Visit these sites to download such a utility:

http://numeroso.spb.org/newton/unsorted/skey/DOSandUNIX/
http://www.sytk.fi/pub/internet/ftpserve/
http://www.ja.net/CERT/Long/Securing_Remote_Access.html
/http://cnls.lanl.gov/Internal/Computing/Skey/Calculators/windows/md4/

Alternatively we can help you create a file of OTPs you can print out and enter for each login (however, then you have to type them in). Then you can don't have to keep track of the public key and counter, but instead cross off each password after you use it to login for FTP.

Unix

You can use command line FTP on Unix by entering the OTP each time you login. This means using the s/key (secure key) command "key" to generate the OTP. The Unix command "keyinfo" displays the public key (or seed) and current counter value. The Unix command "key" requires these values as arguments, then requests your secret password (your s/key, not Unix password), and then finally, returns the OTP. The s/key software on our servers use the md4 algorithm, which generates a one-time password that consists of 6 short strings, usually short 3-4 letter words, but not always. There is a single space between each word, and these are part of the OTP except that there is no trailing space at the end. Also it doesn't matter if the password is in lowercase or uppercase letters. An example of how you can use key follows:

% keyinfo alana
9987 dn28381
% key 9987 dn28381
Reminder - Do not use this program while logged in via telnet or rlogin.
Enter secret password:
DAME MACE SHUN ALGA EGO TACK

Alternatively, you can do this:

% key `keyinfo`
Reminder - Do not use this program while logged in via telnet or rlogin.
Enter secret password:
DAME MACE SHUN ALGA EGO TACK

To use ftp, you simply use the standard command line ftp commands but enter the secret password when prompted, for example:

% ftp dns2.ableminds.com
Connected to dns2.ableminds.com.
220 dns2.ableminds.com FTP server (Version 6.00X) ready.
Name (dns2.ableminds.com:alana)
331 9987 dn28381
Password:

At this password prompt, you enter your OTP you generated using key (not your secret or Unix password).

Able Minds Support Page    Able Minds Home Page


Copyright © 1998-2005 Able Minds. All rights reserved. Legal Notices.  Privacy Policy.