Computer Laboratory

One-time passwords

Logging in from untrusted machines on remote sites exposes passwords to snooping: one can never be certain the machine one is connecting from has not been compromised. Even if the network connection is made over a secure channel like ssh, the password can be intercepted by a program that snoops key-presses on the local host. This is known to have been the cause of at least one user-account compromise which was subsequently elevated to a root compromise on several lab machines.

One-time passwords are a solution to this, but require some advance preparation. The idea is to generate a set of passwords and use each one only once as prompted by the login. We use a simple and cost-effective paper-based scheme (there are other schemes that use portable electronic devices to generate the passwords.)

Generating passwords

To generate a set of passwords, use the otpw-gen (or cl-otpw-gen) program on one on the slogin-serv machines. This will prompt you for a prefix password, which is a common prefix to all the passwords that are generated, and will then output an ASCII list of the passwords like this:

OTPW list generated 2003-11-13 11:32 on fenton.cl.cam.ac.uk

000 yD9+ t3Wz  056 9wFf YkqU  112 Fe2S :QFP  168 fu2u nwji  224 DHsc wOf%
001 d9xT Rkpu  057 +rrN 9PLh  113 ytqC G39f  169 tE7t keFE  225 4nCC /zY5
002 :+e+ h+Ut  058 UHMY HzK=  114 eP3y fzw4  170 QQvn vneS  226 :pu5 p4x7
003 MqSo 4JA:  059 RfuB 5gyA  115 v=G4 xhYw  171 g5cr ZRCa  227 utgi mHSy

 ... etc. etc.

In this instance password number 170 is QQvn vneS, so if the prefix were tpf4apf2tl, then if prompted for pass phrase 170, the correct string is tpf4apf2tlQQvnvneS.

If you want to print the password list on the default printer you can just go

otpw-gen | lpr

Using passwords

OTPW is only available on some SSH servers. They include

  • slogin-serv connect to a Time Sharing System, which can be used for simple commands, but as a shared resource, is not appropriate for intensive computing.
  • ssh-relay allows an incoming connection to be relayed over ssh to an internal workstation.
  • cvs-serv provides access to CVS services.

Each service is provided by a number of machines, for resilience. If a connection fails, try again, and it may try another server. If it repeatedly fails, try appending ‘1’, ‘2’ and ‘3’ to the name, to access a particular instance of the service, e.g. slogin-serv2. The services may share machines, but users should nort rely on this. In particular, it may be that users cannot use ssh-relay machines to run shall commands.

The next time you log in from outside the department to any of the ssh server machines slogin-serv, ssh-relay, cvs-serv, etc, when a user key is not available, you will be prompted for Password NNN: in which case you should enter the prefix password, immediately followed by the (usually eight character) one-time password number NNN from your sheet.

Security depends on no-one being able to copy a significant portion of the sheet. If an attacker has control over the local machine and a copy of more than half of the current password sheet then he or she may well be able to access the account.

If at any time you lose your sheet, or use up more than half the passwords on it (at which point you will be prompted on login that this is the case) then generate another using the above process. After this, none of the passwords on the previous sheets will be be useful to anyone so you can throw them away.

Note that generation of a new password sheet should only be done over a secure channel using ssh and preferably from a trusted machine.

Under certain circumstances you may be prompted for three of the passwords on the sheet. In this case the prompt will be of the form Password NNNN/NNNN/NNNN: This happens when concurrent logins are attempted. See http://www.cl.cam.ac.uk/~mgk25/otpw.html for more details.

Client support

Not all ssh clients are usable with one-time passwords. The mechanism relies on the keyboard interactive authentication mechanism being implemented in the client. If you are using PuTTY then you may need to upgrade to beta 0.53b or later.

If you have access to a web browser with Java 1.3 or later then you can access your lab account using the SSHTerm applet.

If your client does not support the above, contact sys-admin for information about back doors which allow somewhat less convenient access for other ssh clients, and telnet clients.

Disabling OTPW

If for some reason you want to disable the use of one-time passwords for logging in to your account then simply delete the file ~/.otpw