ok, so again.....:
- The S/KEY one-time password system provides authentication over networks that are subject to eavesdropping/reply attacks.
so far, so good....i understood...
- This system has several advantages compared with other one-time or multi-use authentication systems.
blabla... advantages....everything is clear...
- The user's secret password never crosses the network during login, or when executing other commands requiring authentication such as the UNIX passwd or su commands.
as well.....ok....
- No secret information is stored anywhere, including the host being protected, and the underlying algorithm may be (and it fact, is) public knowledge.
the underlying algorythm (so, how the password is gettting created...) is generally known... (hasn't this gotto be a disadvantage of this key...?)...
- The remote end of this system can run on any locally available computer. The host end could be integrated into any application requiring authentication.
so.... a password is gonna be generated... which depends on my hardware.... this password can just be created by a computer... that has the same hardwareconstellation as i have got........is that right (for example--> cpu-serial or even mac-address of my nic)...??
but my main question:
if i'm logging on to my ssh-account (skeyauthentication is enabled)..... what does that mean for my ssh-server-daemon???
am i... beginning from the moment as i am a "known_host"..... permitted to login there .... by SKEY.... just permitted to login there without any shell-account.... .... just with my (saved) SKEY....????? but why...?
please.... aren't there any understandable, comprehensible.... howto's 'bout SKEYAUTH ... on a SSH-SERVER (i'm using openssh) ........
cause everywhere i was looking for some informations.... I just got some parts of the informations, I was looking for....
please help& thanks for every adice...
greetings
pablo