09-27-2011
Hi Rex,
so to simplify, how do you differentiate the different responses? what do you consider as a success? is it the success of scp-ing?
From what i understand you are trying to intercept scp process in the middle between authenticating RSA keys and transfering the file. IMO, it will be easier do authenticate first, cross-reference to your challenge-response/product mapping, if all is well, then do the scp.
10 More Discussions You Might Find Interesting
1. UNIX for Advanced & Expert Users
Happy Holiday Season All,
I once found a software package on the web that was pretty cool. The package was used in conjunction with sendmail or procmail (I think) and would compare the senders email address to a database on the server. If the senders address was not in the database, it would... (2 Replies)
Discussion started by: Neo
2 Replies
2. UNIX for Advanced & Expert Users
Hi, there are some servers here at work which issue a Safeword challenge after I login. Can anyone tell me exactly how the challenge/response system works? In particular, how are the valid keys decided? (2 Replies)
Discussion started by: blowtorch
2 Replies
3. Cybersecurity
Hello all,
I have this question, hope to get some guidance...
Fora simple password-based challenge-response protocol between a user A
and a server S, where Pa is A's password, n is a random nonce generated
by the server, and h is a known cryptographic hash function.
1. S -> A:... (1 Reply)
Discussion started by: heroine
1 Replies
4. Shell Programming and Scripting
I have the following text
Microsoft iSCSI Initiator version 2.0 Build 3497
Targets List:
iqn.2001-05.com.equallogic:0-8a0906-daef43402-138000002a4477ba-grsrv12-extra
iqn.2001-05.com.equallogic:0-8a0906-986f43402-520000002b447951-exchange
... (9 Replies)
Discussion started by: netmedic
9 Replies
5. Shell Programming and Scripting
Here's a regex substitution operation that has stumped me with sed:
How do you convert lines like this:
first.key ?{x.y.z}
second.key ?{xa.ys.zz.s}
third.key ?{xa.k}
to:
first.key ?{x_y_z}
second.key ?{xa_ys_zz_s}
third.key ?{xa_k}
So i'm basically converting all the... (11 Replies)
Discussion started by: neked
11 Replies
6. Shell Programming and Scripting
Ok then i Have a challenge for you :
Give me PS1 so that it always display the least 2 levels of directory
(except if i am above of course)
I want it this way :
so if i go to
/
/home/
/home/user
/home/user/whatever
/home/user/whatever1/whatever2
my PS1 should respectively... (12 Replies)
Discussion started by: ctsgnb
12 Replies
7. Solaris
After a memory upgrade all network interfaces are misconfigued. How do i resolve this issue. Below are some out puts.thanks.
ifconfig: plumb: SIOCLIFADDIF: eg000g0:2: no such interface
# ifconfig eg1000g0:2 plumb
ifconfig: plumb: SIOCLIFADDIF: eg1000g0:2: no such interface
# ifconfig... (2 Replies)
Discussion started by: andersonedouard
2 Replies
8. UNIX for Dummies Questions & Answers
I've been given a directory full of subdirectories full of logfiles of the same name:
/logfiles/day1/file1/blockednodes.csv
day1-14
file1-48
The above is the actual directory structure for 14 days worth of a logfile that is generated every 30 minutes. It's been done this way to preserve the... (15 Replies)
Discussion started by: Cludgie
15 Replies
9. Shell Programming and Scripting
I have searched through google, and this forum to try and find the answer, but alas, nothing quite hits the whole answer.
I am trying to read the last line (or lines) of some log files. I do this often.
The files are named sequentially, using the date as part of the file name, and appending... (18 Replies)
Discussion started by: BatterBits
18 Replies
10. Shell Programming and Scripting
there are about 300 objectivec .m files and I need to print each file name and its method and number of lines inside the method
there is a sample perl files that do perl brace matching... (0 Replies)
Discussion started by: steve32001
0 Replies
LEARN ABOUT DEBIAN
ykchalresp
ykchalresp(1) General Commands Manual ykchalresp(1)
NAME
ykchalresp - Perform challenge-response operation with YubiKey
SYNOPSIS
ykchalresp [-1 | -2] [-H] [-Y] [-N] [-x] [-v] [-h]
OPTIONS
Send a challenge to a YubiKey, and read the response. The YubiKey can be configured with two different C/R modes -- the standard one is a
160 bits HMAC-SHA1, and the other is a YubiKey OTP mimicing mode, meaning two subsequent calls with the same challenge will result in dif-
ferent responses.
-1 send the challenge to slot 1. This is the default.
-2 send the challenge to slot 2.
-H send a 64 byte HMAC challenge. This is the default.
-Y send a 6 byte Yubico OTP challenge.
-N non-blocking mode -- abort if the YubiKey is configured to require a key press before sending the response.
-x challenge is hex encoded.
-v enable verbose mode.
EXAMPLE
The YubiKey challenge-response operation can be demonstrated using the NIST PUB 198 A.2 test vector.
First, program a YubiKey with the test vector :
$ ykpersonalize -2 -ochal-resp -ochal-hmac -ohmac-lt64 -a 303132333435363738393a3b3c3d3e3f40414243
...
Commit? (y/n) [n]: y
$
Now, send the NIST test challenge to the YubiKey and verify the result matches the expected :
$ ykchalresp -2 'Sample #2'
0922d3405faa3d194f82a45830737d5cc6c75d24
$
BUGS
Report ykchalresp bugs in the issue tracker <https://github.com/Yubico/yubikey-personalization/issues>
SEE ALSO
The ykpersonalize home page <http://code.google.com/p/yubikey-personalization/>
YubiKeys can be obtained from Yubico <http://www.yubico.com/>.
yubikey-personalization Febuary 2011 ykchalresp(1)