FTP edit

Method 1

The first method is optimal: (drag & drop).

You can download the Educational Windows Version of ssh below. For details please see the LICENSE.

SSHSecureShellClient-3.2.0.exe

Do the installation. SFtp to mimi.cs.mcgill.ca or any other lab machine.

Method 2

The second method involves onetime passwords.

The basic idea is that you must generate some "onetime passwords". Each time you log into ftp.cs.mcgill.ca you will use one of those passwords. When you run out of onetime passwords, you can generate more of them. For more information about this mechanism read skey(1) by doing `man skey`.

If you have trouble (ie. you get a message such as "No manual entry for skey") reading the man page, do `unset MANPATH`.

The procedure for getting onetime passwords is simple and involves only two commands, namely keyinit(1) and key(1).

  • The first step is to log onto the ftp server. To do this, we MUST use ssh(1). You can use ssh from any lab machine or compute server at SOCS.
 [abatko][fiat][~] {1} ssh ftp.cs.mcgill.ca
Host key not found from the list of known hosts.
Are you sure you want to continue connecting (yes/no)? yes
Host 'ftp.cs.mcgill.ca' added to the list of known hosts.
abatko@ftp.cs.mcgill.ca's password:
Last login: Fri Oct  6 13:24:17 2000 from electrod.cs.mcgi
Copyright (c) 1980, 1983, 1986, 1988, 1990, 1991, 1993, 1994
        The Regents of the University of California.  All rights reserved.
FreeBSD 4.1.1-RELEASE (GENERIC) #0: Tue Sep 26 00:46:59 GMT 2000
Authorized use only.
If you are here to setup one time passwords then
man skey
in particular, keyinit and key are the programs you
are intertested in.
This machine is in a beta state right now, please report any problems
that you have to help@cs.mcgill.ca
Welcome to FreeBSD!
[abatko][wase][~]
{1}
  • The second step is to generate an initial key, thus we use the command keyinit(1). WARNING When setting up your onetime passwords you MUST use ssh(1).
 [abatko][wase][~] {1} keyinit
Adding abatko:
Reminder - Only use this method if you are directly connected.
If you are using telnet or rlogin exit with no password and use keyinit -s.
Enter secret password:
Again secret password:
ID abatko s/key is 99 wa72014
BAND LARY ADAM THE EDGE BONO
  • The third step is to generate several onetime passwords. We do this using key(1) whose synopsis is key [-n count] [/]

    The option -n count is used to generate a particular number of passwords. So to generate say, 3 passwords do -n 3. The mandatory parameters sequence # and key we just copy over from the output of keyinit(1) (the first blue part above). Thus according to our running example, the sequence # and key are 99 wa72014. If you enter the secret password correctly, the last onetime password (99 in this case) will be the same as the one given to you by keyinit(1). If you look above, you will note the (blue) line "BAND LARY ADAM THE EDGE BONO"; it's the same as the last one below. If it was different, then I would have to do key(1) again and try typing the secret password correctly this time.
 [abatko][wase][~] {2} key -n 3 99 wa72015
Reminder - Do not use this program while logged in via telnet or rlogin.
Enter secret password:
97: SILT CAW TWIN FUN MOOD SHE
98: MUDD TAGS CASE YOU TWO CALL
99: BAND LARY ADAM THE EDGE BONO
  • Now exit the ftp server (wase) by doing exit.
 [abatko][wase][~] {3} exit
logout
Connection to ftp closed.
  • Finally, let's ftp into ftp.cs.mcgill.ca. Note that now we'll be using our onetime password(s) to log in. The Onetime Password system (S/key) will prompt us for a password. It asks us for a specific by giving the number of the password it wants. Below, you'll note that it's asking for s/key 98 so that's the one I would type in. So from our running example, it would be "MUDD TAGS CASE YOU TWO CALL". IMPORTANT In order for you to be able to log in now, your home directory must have mode atleast 711. So do chmod 711 ~ to change your home directory's mode to 711.
 [abatko][fiat][~] {2} ftp ftp.cs.mcgill.ca
Connected to ftp.cs.mcgill.ca.
220 wase.CS.McGill.CA FTP server (Version 6.00LS) ready.
Name (ftp.cs.mcgill.ca:abatko):
331 s/key 98 wa72015 (s/key required)
Password:
230 User abatko logged in, access restrictions apply.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> exit
221 Goodbye.
  • Ok, let's do it one more time. Note that this time it will ask us for the next lower numbered password, namely s/key 97. So from our running example, it would be "SILT CAW TWIN FUN MOOD SHE".
 [abatko][fiat][~] {3} ftp ftp.cs.mcgill.ca
Connected to ftp.cs.mcgill.ca.
220 wase.CS.McGill.CA FTP server (Version 6.00LS) ready.
Name (ftp.cs.mcgill.ca:abatko):
331 s/key 97 wa72015 (s/key required)
Password:
230 User abatko logged in, access restrictions apply.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> exit
221 Goodbye.
  • Ok, now we've run out of passwords, so we'll have to generate some more by continuing from where we left off. For instance, in the running example, we would do `key -n 10 97 wa72015` to generate 10 more onetime passwords. Make sure that the newly generated password with highest number (97 in this case) is the same one you most recently used (which was 97).

    Once again, if you forgot your passphrase, you have to start all over with keyinit(1) and key(1).