Scroll to navigation

DONKEY(1) DONKEY(1)

NAME

donkey - alternative for S/KEY's "key" command.

SYNOPSIS

donkey [options] sequence seed
donkey -i

key [option] sequence seed
key -i

DESCRIPTION

This manual page documents briefly the donkey, and key commands. This manual page was written for the Debian GNU/Linux distribution because the original program does not have a manual page. Instead, it has documentation in /usr/share/doc/donkey

donkey is an alternative for S/KEY's "key" command. The new feature that the original key doesn't have is print an entry for skeykeys as follows;

kazu 0099 al02004          115d83956f1089b6  Apr 26,1995 22:13:27

This means that donkey is also an alternative for "keyinit". Since the entry is printed to stdout (not to /etc/skeykeys), you can easily sent it to a remote operator by e-mail (with a PGP signature or something). So it is possible to initiate S/KEY without loginging onto the console of the host.

OPTIONS

A summary of options is included below.
-n
num specify the number of keys to be calculated.
-f
func choose a hash function - one of MD4 or MD5

EXAMPLES

(1) Calculate an One-Time-Password.

Execute Donkey with a sequence number and a seed, then input your passphrase.

% donkey 80 is12345
Enter passphrase : xxxxxxxxxxxxxxxxxxxxxxx
SOFT O SAW SWAB CON RODE

You can choose the hash function.

% donkey 80 is12345
Enter passphrase : xxxxxxxxxxxxxxxxxxxxxxx
SOFT O SAW SWAB CON RODE
%donkey -f md5 80 is12345
Enter passphrase : xxxxxxxxxxxxxxxxxxxxxxx
LACK WIN ROSE ANNA STUN REEK

The default hash function is MD4 due to historical reasons.

(2) Calculate several One-Time-Passwords at once.

Use the -n option.

% donkey -n 10 80 is12345
Enter passphrase : xxxxxxxxxxxxxxxxxxxxxxx
71: WORE HELL CUB FAR DORA MALE  
72: SAIL DAN DONE BEER DAYS MOS  
73: PAN TONE THAT TOUT BURY EST  
74: KEN ROAM HEAT NAN MEAN HEN   
75: MINI MARS HASH BOTH SITU SING
76: TOW SHIN FLUE ARID AHOY NE   
77: SLID LEEK NO TREE STOW BEY   
78: RUDY WINE GIFT FUSS AGEE SUE 
79: GELD THIN MAID THIN BUD TURF 
80: SOFT O SAW SWAB CON RODE     

Note that though "Enter passphrase" is printed out to the standard error stream, the One-Time-Passwords are written to the standard output stream, so you can redirect the output safely.

(3) Print an skeykeys entry.

Use the -i option without arguments. Then, enter the login name, the sequence number and the seed. Input your passphrase twice to get the entry.

% donkey -i
Enter login name [default kazu]: 
Enter sequence 1 to 999 [default 99]: 
Enter new seed [default ur18122]: 
Please choose passphrase between 8 and 256 characters.
Enter passphrase : xxxxxxxxxxxxxxxxxxxxxxxxxxx
Re-enter passphrase : xxxxxxxxxxxxxxxxxxxxxxxxxxx
kazu 0099 ur18122          fc5b023e684968ff  Oct 02,1995 16:15:30
WINK SEAM GRAB ROAD HELL FEST

BUGS

Things to do:
Support other one time passwords such as OTP.
Support other secure hash functions.

AUTHOR

This program is developed by Kazuhiko Yamamoto <kazu@is.aist-nara.ac.jp>. This manual page was written by Fumitoshi UKAI <ukai@debian.or.jp>, based on the documentation of this program, for the Debian GNU/Linux system (but may be used by others).
April 17, 2016