Five Minute Lightning Talk: Implementing OPIE

Installation on a Debian system: Server Side

As root, install the software:

    apt-get install libpam-opie opie-server

Comment out the old auth line of /etc/pam.d/login and /etc/pam.d/ssh:

    #auth   required    pam_unix.so nullok

Add the new auth lines, permitting either OPIE or standard unix password logins:

    auth    sufficient  pam_opie.so
    auth    sufficient  pam_unix.so nullok
    auth    required    pam_deny.so

As a non-root user, from a secure console, run opiepassword -c:

    [mct@catalina ~]$ opiepasswd -c
    Adding mct:
    Only use this method from the console; NEVER from remote. If you are using
    telnet, xterm, or a dial-in, type ^C now or exit with no password.
    Then run opiepasswd without the -c parameter.
    Using MD5 to compute responses.
    Enter new secret pass phrase: **********
    Again new secret pass phrase: **********

    ID mct OTP key is 499 ca0927
    CALL LIP BRAG MOW WAD DARN

Next	© 2003 Michael C. Toren