This section is for users authorized to dial into the OnBoard appliance through an external modem, PC modem or phone card when the one-time password (OTP) authentication method is configured for logins to that device. With OTP authentication, you supply a different password every time you dial in, so no one who discovers the password used for one session can use that password later to access your account. An OTP is a group of six English words that are entered all on the same line at the prompt.
When you dial into the OnBoard appliance and enter a username, the system provides a challenge string and waits for a response. The challenge starts with otp-md5, which tells opiekey to use the MD5 algorithm, followed by a sequence number and a key (the seed). The key includes the first two letters of the hostname and a pseudo-random number. In the following example, the sequence number is 499 and the seed is on93564.
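The challenge format and the one-time property described above, as an added Python example (not OnBoard or opiekey code): it parses a challenge built from the sequence number and seed given in this section, computes the 64-bit value that the six words encode as defined in RFC 2289, and shows that a response is accepted once and rejected on replay. The pass phrase is constructed, the function names are hypothetical, and the hex form stands in for the six words because the RFC's 2048-word dictionary is not reproduced here.

```python
import hashlib
import re

# otp-md5 <sequence> <seed>; the seed is 1-16 alphanumerics (RFC 2289)
CHALLENGE_RE = re.compile(r"^otp-md5\s+(\d+)\s+([A-Za-z0-9]{1,16})(?:\s|$)")

def parse_challenge(line):
    """Return (sequence, seed) from an otp-md5 challenge line."""
    m = CHALLENGE_RE.match(line.strip())
    if m is None:
        raise ValueError("not an otp-md5 challenge: %r" % line)
    return int(m.group(1)), m.group(2).lower()

def step(data):
    """One OTP step: MD5, then fold 128 bits to 64 by XORing the two halves."""
    d = hashlib.md5(data).digest()
    return bytes(a ^ b for a, b in zip(d[:8], d[8:]))

def otp_md5(passphrase, seed, sequence):
    """64-bit one-time password for the given sequence number."""
    value = step(seed.lower().encode() + passphrase.encode())
    for _ in range(sequence):
        value = step(value)
    return value

def as_hex(otp):
    """Hex response form, e.g. '9E87 6134 D904 99DD'."""
    h = otp.hex().upper()
    return " ".join(h[i:i + 4] for i in range(0, 16, 4))

def server_accepts(stored, response):
    """The server keeps only the last accepted OTP; hashing the new response
    once must reproduce it."""
    return step(response) == stored

def demo():
    passphrase = "constructed pass phrase"       # constructed, not from the page
    seq, seed = parse_challenge("otp-md5 499 on93564")  # values from this section
    stored = otp_md5(passphrase, seed, seq + 1)  # what the server holds (login 500)
    response = otp_md5(passphrase, seed, seq)
    first = server_accepts(stored, response)     # True: valid for challenge 499
    stored = response                            # server advances to sequence 498
    replay = server_accepts(stored, response)    # False: same password again
    return seq, seed, first, replay

if __name__ == "__main__":
    print(demo())
    print(as_hex(otp_md5("This is a test.", "TeSt", 0)))  # RFC 2289 test vector
```

The server checks a response without ever holding the pass phrase, and a captured response only allows computing passwords for sequence numbers that have already been used.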
Each OTP user needs a local user account on the OnBoard appliance, must be registered with the OTP system, and must be able to obtain the OTP username, OTP secret pass phrase and OTP passwords needed for logins. The following procedure is for users who have the opiekey program running on a non-networked workstation, who know the secret pass phrase, and who are able to generate their own passwords.