MSRI

The opie Authenticator

opie is a free version of s/key, which is no longer in the public domain. If you know how to use s/key, then you know how to use opie.

How to Obtain an Account

To obtain an opie account you must be a current member of MSRI and either see a member of the computing staff in person or send a REQUEST (be sure to include your MSRI email address and your phone number). Except in extraordinary circumstances, initializing opie has to be done in person, because the initial secret pass phrase must not travel over the network.

Getting the opie Client

opie is an implementation of the OTP Internet standard (RFC 2289). Your home system may already have a version installed. If it doesn't, you can install a copy in your home directory or ask your systems administrator to install it. opie is available from the following sites:

opie-2.32.tar.gz is the POSIX (standard Unix) source code distribution. Despite the warnings, we have never observed any problems building the software on any modern Unix system. Macintosh and Windows clients are available in the contrib subdirectory.

An Outline of Using opie

Suppose that you are outside the MSRI network and want to establish a connection for network services with a machine inside the network, for example the machine in your office here, woody. The basic procedure is:

  1. connect to the telnet proxy on the firewall at opie.msri.org,
  2. authenticate yourself,
  3. direct the firewall proxy server to connect you to the internal machine.

In more detail, for 1), instead of typing:

    yourRemotePrompt% telnet woody.msri.org

you would type:

    yourRemotePrompt% telnet opie.msri.org

At step 2), opie.msri.org will ask for your username here and then issue an opie challenge, something like:

    otp-md5 536 ra2451 ext

You respond to this with the one-time password that you generate using the opie client software: give it the sequence number 536 and the seed ra2451 from the challenge, and supply your secret pass phrase interactively when asked. The one-time password the client generates is a string of six short words, for example:

    YAWL SULK SOUR COVE SILO NECK

The server checks this and, if it is correct, lets you in. Note that the client will always generate a one-time password, even from incorrect input (a mistyped pass phrase, or the wrong sequence number or seed), so a response the server rejects usually means one of those was wrong. If it denies you access, check the challenge and try again. If you try unsuccessfully to authenticate yourself 5 times within 3 minutes, the authentication server will temporarily disable your account.

In step 3), after you are authenticated, the proxy server on opie.msri.org is waiting to be told the name of the internal machine. You supply that, the proxy is completed, and you are ready to proceed just as though you had originally telnet-ed directly to woody. When woody responds, you simply supply your username and ordinary MSRI password and the session proceeds transparently through the firewall.

Peggy Hall also has a very nice OPIE web page.

The Theory Behind opie

opie is a one-time password system. It secures your system by making replay attacks against user passwords computationally infeasible: a password captured on the wire is useless once it has been used, and it cannot be run backwards to obtain the next one.

When you are challenged for a password by opie, the server provides you with a sequence number, n, and a seed. You enter the sequence number and seed into your opie response calculator (the opie client) together with your secret pass phrase. The pass phrase itself is never sent over the network and should never be typed over an insecure channel. If you restrict yourself to typing the secret pass phrase only on your local machine, and that machine has not been compromised, the pass phrase remains secret.

The opie calculator concatenates the seed and the secret pass phrase, MD5-hashes the result and folds the 128-bit digest to 64 bits, then hashes and folds that value again n times according to the sequence number. It then presents the resulting 64-bit value in an encoded form (the six-word form shown above, or hexadecimal), which you type in as the response to the original challenge.

The challenging system then MD5-hashes (and folds) your response one more time and compares the result with the last password you provided, the one at sequence number n+1, which is all it stores. If they match, you are authenticated; the server replaces the stored value with your new response, and the next challenge uses sequence number n-1. The server never holds your secret pass phrase, and the stored value cannot be run backwards to produce the response it will ask for next.
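The hash chain described in the three paragraphs above, together with the challenge/response exchange from the outline, as an added worked example that is not part of the original page or of the opie distribution. It implements the RFC 2289 otp-md5 computation (hash, fold to 64 bits, iterate) and emits the hexadecimal form, which the standard requires servers to accept; the six-word form needs the RFC's 2048-word dictionary, which is not reproduced here. The pass phrase, the toy server class and the walkthrough are constructed for illustration, and lowercasing the seed before hashing follows the RFC's rule that seeds are case-insensitive. The hex output can be checked against the test vectors in RFC 2289 Appendix C.

```python
import hashlib


def fold_md5(data: bytes) -> bytes:
    """MD5 the input and fold the 128-bit digest to 64 bits by XORing its
    two halves, the folding RFC 2289 specifies for md4/md5 OTPs."""
    d = hashlib.md5(data).digest()
    return bytes(a ^ b for a, b in zip(d[:8], d[8:]))


def otp_md5(passphrase: str, seed: str, count: int) -> bytes:
    """The 64-bit one-time password for sequence number `count`.

    Step 0 hashes seed||passphrase (the seed is case-insensitive in the RFC
    and is lowercased here); every further step hashes the previous 64-bit
    result, so count=536 means 536 extra rounds. Only the final value ever
    leaves the client; the pass phrase never does."""
    if not 10 <= len(passphrase) <= 63:
        raise ValueError("RFC 2289 pass phrases are 10 to 63 characters")
    x = fold_md5((seed.lower() + passphrase).encode())
    for _ in range(count):
        x = fold_md5(x)
    return x


def parse_challenge(line: str):
    """Split a challenge such as 'otp-md5 536 ra2451 ext' into
    (algorithm, sequence number, seed). The trailing 'ext' only advertises
    that the server accepts extended responses; it is not hashed."""
    parts = line.split()
    if len(parts) < 3 or parts[0] != "otp-md5":
        raise ValueError("unsupported challenge: %r" % line)
    return parts[0], int(parts[1]), parts[2]


class OtpServer:
    """Toy verifier, constructed for this example (not opie's server code).

    It keeps only the seed, the sequence number of the last accepted OTP and
    that OTP itself; the pass phrase is never stored on the server."""

    def __init__(self, seed: str, seq: int, last_otp: bytes):
        self.seed, self.seq, self.last = seed, seq, last_otp

    def challenge(self) -> str:
        if self.seq == 0:
            raise RuntimeError("sequence exhausted: re-initialize opie")
        return "otp-md5 %d %s ext" % (self.seq - 1, self.seed)

    def verify(self, response_hex: str) -> bool:
        """Hash the response once more; it must equal the stored OTP at n+1."""
        try:
            resp = bytes.fromhex(response_hex)
        except ValueError:
            return False
        if self.seq > 0 and len(resp) == 8 and fold_md5(resp) == self.last:
            self.last, self.seq = resp, self.seq - 1   # advance to n
            return True
        return False


def walkthrough(passphrase: str = "example pass phrase only",
                seed: str = "ra2451", init_seq: int = 537):
    """The full exchange from the outline, with a constructed pass phrase and
    seed. Returns (challenge, login accepted, replay accepted,
    wrong-pass-phrase accepted, server sequence afterwards)."""
    # Initialization (done in person): the server is seeded with the OTP at
    # init_seq, computed once from the pass phrase; the first challenge is 536.
    srv = OtpServer(seed, init_seq, otp_md5(passphrase, seed, init_seq))
    chal = srv.challenge()
    _, n, s = parse_challenge(chal)
    resp = otp_md5(passphrase, s, n).hex()        # computed offline by the client
    ok = srv.verify(resp)                         # accepted: response at 536
    replay = srv.verify(resp)                     # rejected: 536 is spent, server wants 535
    _, n2, _ = parse_challenge(srv.challenge())
    wrong = srv.verify(otp_md5("not the real pass phrase", s, n2).hex())  # rejected
    return chal, ok, replay, wrong, srv.seq


if __name__ == "__main__":
    print(walkthrough())
```

The replay in the walkthrough is the attack the scheme is built to defeat: the captured response is exactly the value the server now stores, so hashing it once more never matches, and nothing short of inverting MD5 turns it into the response for 535.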

Vulnerabilities

If someone obtains your secret pass phrase, they can generate any response they need; the way to get it is to compromise the system you use to compute the responses. If MD5 is ever broken as a one-way hash, an attacker who captures your response at sequence number n could forge the next response (at n-1) by finding a preimage, that is, a value that hashes and folds to the captured response. Note also that the one-time password protects only your authentication to the firewall: telnet carries the rest of the session, including the ordinary MSRI password you type to woody, across the network in the clear, which is one reason to prefer ssh (below).

Other Access Methods

Many people prefer the ease of use and greater functionality of the ssh suite of tools for secure remote access. Unlike opie, you will definitely need the assistance of a systems administrator to install ssh. A full installation requires root access.

Joe Christy Thu Dec 17 14:38:34 PST 1998