plan9fox/sys/man/8/securenet
2011-03-30 19:35:09 +03:00

128 lines
3.1 KiB
Text

.TH SECURENET 8
.SH NAME
securenet \- Digital Pathways SecureNet Key remote authentication box
.SH DESCRIPTION
The
.I SecureNet
box is used to authenticate connections to Plan 9 from a foreign system
such as a
Unix
machine or plain terminal.
The box, which looks like a calculator,
performs DES encryption with a key held in its memory.
Another copy of the key is kept on the authentication server.
Each box is protected from unauthorized use by a four digit PIN.
.PP
When the system requires SecureNet authentication,
it prompts with a numerical challenge.
The response is compared to one
generated with the key stored on the authentication server.
Respond as follows:
.PP
Turn on the box and enter your PIN at the
.B EP
prompt,
followed by the
.B ENT
button.
Enter the challenge at
.B Ed
prompt,
again followed
.BR ENT .
Then type to Plan 9 the response generated by the box.
If you make a mistake at any time, reset the box
by pressing
.BR ON .
The authentication server compares the response generated by the box
to one computed internally. If they match, the user is accepted.
.PP
The box will lose its memory if given the wrong PIN
five times in succession or if its batteries are removed.
.PP
To reprogram it, type a
.B 4
at the
.B E0
prompt.
.PP
At the
.B E1
prompt, enter your key, which consists of eight three-digit octal numbers.
While you are entering these digits,
the box displays a number ranging from 1 to 8 on the left side of the display.
This number corresponds to the octal number you are entering,
and changes when you enter the first digit of the next number.
.PP
When you are done entering your key, press
.B ENT
twice.
.PP
At the
.B E2
prompt, enter a PIN for the box.
.PP
After you confirm by retyping the PIN at the
.B E3
prompt, you can use the box as normal.
.PP
You can change the PIN using the following procedure.
First, turn on the box and enter your current PIN at the
.B EP
prompt.
Press
.B ENT
three times;
this will return you to the
.B EP
prompt.
Enter your PIN again, followed by
.BR ENT ;
you should see a
.B Ed
prompt with a
.B -
on the right side of the display.
Enter a
.B 0
and press
.BR ENT .
You should see the
.B E2
prompt; follow the instructions above for entering a PIN.
.PP
The
.I SecureNet
box
performs the same encryption as the
.B netcrypt
routine
(see
.IR encrypt (2)).
The entered challenge, a decimal number between 0 and 100000,
is treated as a text string with trailing binary zero fill to 8 bytes.
These 8 bytes are encrypted with the DES algorithm.
The first four bytes are printed on the display as hexadecimal numbers.
However, when set up as described,
the box does not print hexadecimal digits greater than 9.
Instead, it prints a 2 for an A, B, or C, and a 3 for a D, E, or F.
If a
.B 5
rather than a
.B 4
is entered at the
.B E0
print, the hexadecimal digits are printed.
This is not recommended, as letters are
too easily confused with digits on the
.I SecureNet
display.
.SH "SEE ALSO"
.IR encrypt (2),
.IR auth (2)
.br
Digital Pathways, Mountain View, California
.SH BUGS
The box is clumsy to use and too delicate.
If carried in a pocket,
it can turn itself on and wear out the batteries.