From: Daniel Hulme (bugtraq_at_doublezero.uklinux.net)
Date: Thu, 18 Aug 2005 20:55:20 +0100 To: firstname.lastname@example.org
> > I'v been looking around a lot now, after opie (one time password in
> > everything) related stuff. The orginal dev site was lokated at
> > http://inner.net/opie/ but it seams like that link is dead.
> > I know the opie project stalled in 1998 some times but some BSD
> > people made a rewrite in 1999 but i cant find that eighter.
> > Soo what is happening to all the otp/opie stuff? Does nobody use it
> > anymore? Does anybody have some updated info about this, or know
> > about anything else that can give me an otp login.
> IIRC there is something similar on Linux but I don't recall if it is
> OPIE or some other acronym as it has been a while since I looked into
Perhaps you are thinking of Markus Kuhn's OTPW?
"OTPW is not compatible with and is not derived from either S/KEY or
OPIE. It is a completely independent and different design, which I
believe fulfils my functional and security requirements better."
It prints you a page of one-time passes. These are independent of
one-another and chosen in random order. To protect against theft of the
sheet, it also uses a constant (memorised) password. An attacker has to
both steal the sheet and eavesdrop the password to break the scheme.
-- "The rules of programming are transitory; only Tao is eternal. Therefore you must contemplate Tao before you receive enlightenment." "How will I know when I have received enlightenment?" asked the novice. "Your program will then run correctly," replied the master.