OTP (CryptoCARD) Resync

From MCS IT Wiki

In the case that you (or your infant son/daughter) has pushed your CRYPTOCard button more than 10 times, it will fail to authenticate you until it is re-synced.

You can re-sync your CRYPTOCard on your own by following the procedure below.

Note that this procedure is not the one to use if you have replaced the CRYPTOCard batteries and need your unit re-initialized. In this case, visit the MCS Help Desk.

  1. Have your CRYPTOCard ready.
  2. Obtain a challenge sequence. This can be done of the following way:
    • Initiate an ssh connection to a host that allows CRYPTOCard authentication. At the login prompt, just hit <Enter>. This will cause the CRYPTOCard service to produce a challenge string.
      finley@flea:~% ssh myhost
      Challenge: 58595610
  3. Hold down the button on your CRYPTOCard for a few seconds, until it displays "Init", then let go.
  4. Your CRYPTOCard will now scroll through a series of menu options. When it displays "ReSync", hit the button again.
  5. The display should change to:
  6. The number at the end will start cycling up from 0 to 9, over and over.
  7. Look at the numbers in your Challenge string. When the number at the end changes to the first number in the challenge string, 5 in this case, hit the button. The display should then change to:
  8. The "<" will then change to a 0 and start cycling through again. Enter each of the numbers from your Challenge string, until the display on your CRYPTOCard matches the Challenge string.
    • If you hit an incorrect number, you can press the button while "<" is displayed, which will backspace, and you can re-enter that digit.
  9. Once you've entered the entire Challenge string (all 8 digits) correctly, and are comfortable they're all correct, press the button on your CRYPTOCard to generate a new one time password. You're now in sync. Depending on how long it took to enter the numbers, you may need to CTRL-C to exit the challenge prompt and start a new SSH session.
Personal tools