punkwalrus (punkwalrus) wrote,

  • Mood:
  • Music:

OpenBSD - S/Key

I came across this nice little tidbit today:



In some installations, S/Key is the most common login method. It is used when no secure way to log in exists and a password must be entered in plain text. Examples would be FTP and Telnet, where the login is not encrypted at all. OpenBSD supports S/Key for numerous services including ftpd, telnetd. and sshd. The problem with tools like Telnet and FTP is that they use plaintext logins that pass over the network and can be sniffed. In contrast, services like sshd use encryption to send information without danger. Rather than using plain text, S/Key sends a challenge and the remote user sends back a response. This information is sent in plain text but it's one-time information and does not contain the password, so it does not pose any danger.
  • Post a new comment


    Anonymous comments are disabled in this journal

    default userpic

    Your reply will be screened

    Your IP address will be recorded 

  • 1 comment