MAN.9FRONT.ORG RTFM


     SECURENET(8)                                         SECURENET(8)

     NAME
          securenet - Digital Pathways SecureNet Key remote
          authentication box

     DESCRIPTION
          The SecureNet box is used to authenticate connections to
          Plan 9 from a foreign system such as a Unix machine or plain
          terminal.  The box, which looks like a calculator, performs
          DES encryption with a key held in its memory.  Another copy
          of the key is kept on the authentication server.  Each box
          is protected from unauthorized use by a four digit PIN.

          When the system requires SecureNet authentication, it
          prompts with a numerical challenge.  The response is com-
          pared to one generated with the key stored on the authenti-
          cation server.  Respond as follows:

          Turn on the box and enter your PIN at the EP prompt, fol-
          lowed by the ENT button.  Enter the challenge at Ed prompt,
          again followed ENT.  Then type to Plan 9 the response gener-
          ated by the box.  If you make a mistake at any time, reset
          the box by pressing ON.  The authentication server compares
          the response generated by the box to one computed inter-
          nally.  If they match, the user is accepted.

          The box will lose its memory if given the wrong PIN five
          times in succession or if its batteries are removed.

          To reprogram it, type a 4 at the E0 prompt.

          At the E1 prompt, enter your key, which consists of eight
          three-digit octal numbers.  While you are entering these
          digits, the box displays a number ranging from 1 to 8 on the
          left side of the display.  This number corresponds to the
          octal number you are entering, and changes when you enter
          the first digit of the next number.

          When you are done entering your key, press ENT twice.

          At the E2 prompt, enter a PIN for the box.

          After you confirm by retyping the PIN at the E3 prompt, you
          can use the box as normal.

          You can change the PIN using the following procedure.
          First, turn on the box and enter your current PIN at the EP
          prompt.  Press ENT three times; this will return you to the
          EP prompt.  Enter your PIN again, followed by ENT; you
          should see a Ed prompt with a - on the right side of the
          display.  Enter a 0 and press ENT.  You should see the E2

     SECURENET(8)                                         SECURENET(8)

          prompt; follow the instructions above for entering a PIN.

          The SecureNet box performs the same encryption as the
          netcrypt routine (see encrypt(2)). The entered challenge, a
          decimal number between 0 and 100000, is treated as a text
          string with trailing binary zero fill to 8 bytes.  These 8
          bytes are encrypted with the DES algorithm.  The first four
          bytes are printed on the display as hexadecimal numbers.
          However, when set up as described, the box does not print
          hexadecimal digits greater than 9.  Instead, it prints a 2
          for an A, B, or C, and a 3 for a D, E, or F.  If a 5 rather
          than a 4 is entered at the E0 print, the hexadecimal digits
          are printed.  This is not recommended, as letters are too
          easily confused with digits on the SecureNet display.

     SEE ALSO
          encrypt(2), auth(2)
          Digital Pathways, Mountain View, California

     BUGS
          The box is clumsy to use and too delicate.  If carried in a
          pocket, it can turn itself on and wear out the batteries.