author | Hans Insulander <hin@cvs.openbsd.org> | 2000-07-19 18:50:27 +0000
committer | Hans Insulander <hin@cvs.openbsd.org> | 2000-07-19 18:50:27 +0000
commit | ddb12896d864f7438589c44b07178a296426f27a (patch) |
tree | e4b7c8c2fa12d05c524d9661f65d1009f442ce33 |
parent | 6bdf793786fff95d9caea89f870d9fb748c73b61 (diff) |
OTP has never been supported in our kerberos implementation, and no one seems
to care about it, so it shouldn't be in the documentation.
-rw-r--r-- | kerberosIV/src/doc/kth-krb.texi | 7
-rw-r--r-- | kerberosIV/src/doc/otp.texi | 127
2 files changed, 0 insertions, 134 deletions
diff --git a/kerberosIV/src/doc/kth-krb.texi b/kerberosIV/src/doc/kth-krb.texi index d1879f90838..3eb21080dac 100644 --- a/kerberosIV/src/doc/kth-krb.texi +++ b/kerberosIV/src/doc/kth-krb.texi @@ -271,12 +271,6 @@ How to set up the kerberos server * Add users to the database:: * Automate the startup of the servers:: -One-Time Passwords - -* What are one time passwords?:: -* When to use one time passwords?:: -* Configuring OTPs:: - Resolving frequent problems * Problems compiling Kerberos:: @@ -291,7 +285,6 @@ Resolving frequent problems @include whatis.texi @include install.texi @include setup.texi -@include otp.texi @include problems.texi @include ack.texi @include index.texi diff --git a/kerberosIV/src/doc/otp.texi b/kerberosIV/src/doc/otp.texi deleted file mode 100644 index 0a5929fa862..00000000000 --- a/kerberosIV/src/doc/otp.texi +++ /dev/null 
@@ -1,127 +0,0 @@ -@node One-Time Passwords, Resolving frequent problems, How to set up a realm, Top -@chapter One-Time Passwords - -@cindex OTP -@cindex One time passwords -There is also support for using @dfn{one time passwords} (OTP) in this -package. Specifically @code{login}, @code{ftpd}, and @code{popper} have -support for using them. - -@menu -* What are one time passwords?:: -* When to use one time passwords?:: -* Configuring OTPs:: -@end menu - -@node What are one time passwords?, When to use one time passwords?, One-Time Passwords, One-Time Passwords -@comment node-name, next, previous, up -@section What are one time passwords? - -One time passwords are, as the name implies, passwords that can only -be used once. This means that even if someone is eavesdropping on the -network, they will not be able to make use of the passwords they steal. - -The OTPs used in this package support @cite{RFC 1938}. This standard is -also backwards compatible with the well-known S/Key. There are lots of -programs for generating these on everything from HP 48's to Crays. -@cindex S/Key - -@node When to use one time passwords?, Configuring OTPs, What are one time passwords?, One-Time Passwords -@comment node-name, next, previous, up -@section When to use one time passwords? - -Why would you want to use OTPs instead of Kerberos? The advantage of -OTPs is that they don't require a computer to operate. You can print -out a list of passwords and take with you, or you could use your -calculator or hand-held computer to generate them. - -The downside is that they only protect you against passive attacks. -Only the initial connection is authenticated. After that, anyone can -eavesdrop on your session, so you should not send or view any sensitive -data (e.g. passwords) over a OTP-initiated link. You are also -vulnerable to active attacks where intruders try to take over your -TCP-session and/or introduce data in the middle of it. 
In other words, -they provide initial authentication, but neither integrity nor -confidentiality. - -The OTPs are generated from the tuple (@var{seed}, @var{sequence -number}, @var{pass-phrase}). The seed and the sequence number will be -printed as part of the @dfn{challenge} and you will have to generate the -corresponding password or pick it from a list. - -In conclusion, they are simple and can be used everywhere but don't -protect against all threats that Kerberos does. Use them when you can't -use Kerberos. - -@node Configuring OTPs, , When to use one time passwords?, One-Time Passwords -@comment node-name, next, previous, up -@section Configuring OTPs - -@heading Initializing - -To initialize your OTPs use the @code{otp} program. This program will -write an entry in a local file on this host with your current password -(in this case the 100th) and the corresponding seed (@samp{foobar}). -@pindex otp - -@example -@cartouche -datan:>otp 100 foobar -Pass-phrase: <pass-phrase> -Verifying password Pass-phrase: <pass-phrase> -@end cartouche -@end example - -@heading Generating - -To print out a list of them there is a program called -@code{otpprint}. -@pindex otpprint - -@example -@cartouche -datan:>otpprint 100 foobar -Pass-phrase: <pass-phrase> -91: SLAM BUY SUP DUSK SKY BEST -92: DEEM SIGH ROB RASH JUG MAT -93: DUET FISK HERS AREA TOLL SUP -94: WOW RAIN LEAK SARA MARK WING -95: COG YELL MILK CART ABE BAWL -96: GROW SILK GIST OMEN CAM ANNE -97: JAG QUAD NUT BEAT BHOY MAGI -98: ADAM USED GENE NIP EYE SIS -99: MY SUNG HERO AT DASH RAKE -100: CORN KNIT BOTH TOGO SOUL BOG -@end cartouche -@end example - -@heading Using the OTPs - -When you try to use one and have initialized a series of -one-time passwords for yourself you will get a challenge with the -algorithm being used, the sequence number, and the seed. Enter those in -your generator or find the corresponding password in your list. 
- -@example -@cartouche -login: assar -assar's [ otp-md5 99 foobar ] Password: <MY SUNG HERO AT DASH RAKE> -@end cartouche -@end example - -The sequence number of the password will start at one less that the -number you gave to @code{otp} and decrease by one every time you use it. -You should try to keep track of which should be the current one so that -you can be assured that nobody has stolen some of your passwords and -used them. When the number has reached zero you need to acquire a new -series of passwords. - -Once you have initialized your series of passwords, you can always use -them at any password prompt where you get the challenge as shown above. - -@heading Configuring servers - -@code{ftpd}, @code{telnetd}, and @code{popper} can be configured to -require one-time passwords when the connection has not been kerberos -authenticated. Check the man pages for these programs for the correct -options. |
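Review bot: the node chain around the removed chapter is not fully covered by the first kth-krb.texi hunk (@@ -271,12 +271,6 @@). The deleted otp.texi opens with `@node One-Time Passwords, Resolving frequent problems, How to set up a realm, Top`, so the chapter sat between "How to set up a realm" (setup.texi) and "Resolving frequent problems" (problems.texi). If either of those files' own @node lines still name One-Time Passwords as next or previous, makeinfo will report a dangling node, and neither file is among the two touched here. Running makeinfo on kth-krb.texi before committing would confirm the menu and node pointers agree.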
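Review bot: the build rules for this directory are absent from the diff, so the second kth-krb.texi hunk (@@ -291,7 +285,6 @@) may leave a stale reference behind. Dropping `-@include otp.texi` matches the file deletion, and `@include index.texi` will simply lose the `@cindex OTP`, `@cindex S/Key` and `@pindex otp`/`@pindex otpprint` entries that lived in the removed chapter; but if a Makefile in kerberosIV/src/doc lists otp.texi among the texinfo sources, it needs the same one-line removal, and the diffstat shows only the two .texi files changing.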
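Review bot: the deleted otp.texi hunk (@@ -1,127 +0,0 @@) removes more than the tutorial text the commit message describes. Its "Configuring servers" section states that `@code{ftpd}`, `@code{telnetd}`, and `@code{popper}` can be configured to require one-time passwords when a connection has not been kerberos authenticated and points readers at those programs' man pages; the chapter is also the only place this manual records that OTP authenticates only the initial connection and provides neither integrity nor confidentiality. If the man pages for those programs in this tree still describe OTP options, they should get the same cleanup so the documentation agrees with the commit message's claim that OTP was never supported, and naming them in the message would make the removal easy to verify. Only kth-krb.texi and otp.texi are changed here.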