[Server-devel] xs-otp: one time passwords for the XS
Michael Stone
michael at laptop.org
Fri Oct 24 14:33:31 EDT 2008
On Fri, Oct 24, 2008 at 07:02:23PM +1300, Douglas Bagnall wrote:
>2. If you want to disable root login via the system password, touch
> /etc/xs-otp/disable-root-password. This file will eventually exist
> by default, but for now this option should be used with care. It
> *could* leave you with no way of logging into the server.
Do the XS installation instructions offer any guidance on prohibiting
booting with init=/bin/bash, booting from external media, or simply
removing the XS hard drive and manipulating it from a separate machine?
>By default xs-otp generates 520 8-character passwords containing a
>mixture of letters, numbers and some punctuation. The passwords are
>saved in an ordered list, like this:
How many bits of entropy per password? (All the examples you showed were
printable ASCII so I assume that there are less than 64 bits of entropy
per password.)
Regards,
Michael
P.S. - Interesting work; congrats on getting this far.
More information about the Server-devel
mailing list