+----- On Tue, 27 Jul 1999 03:17:02 PDT, Dieter "Müller" writes:
| I already sent this message a few days ago, but I didn't saw it on the
| list, if I only missed it I have to say sorry in advance.
| I need a one-time-password authentication system which allows me to log
| in via an untrusted terminal, p.ex via telnet from win-xy.
| The problem is that I can't disable telnet on my pc thince I still need
| it to log in from my secure network.
| The very best would be a telnet-alike protocol which allows to choose
| between giving a normal or a one-time password.
You could try s-key or opie (which is derived from s-key). With s-key
you generate 100 passwords that you use in turn. I believe that s-key
can be broken if enough passwords are collected but I am unsure of the
details. Another alternative is kerberos but that is probably an
overkill, as I guess that you aren't a US resident you will need to
fetch it from KTH in Stockholm. Sorry no URL's.