I've got this server that these users want telnet access to (err). The
compromise we've reached is to allow telnet, but only with one-time
passwords generated with s/key. So what I want to do is have people go to
our web page, login over ssl and click a button to see their new one time
code, which will expire in, say, 10 minutes (can s/key do that?). The web
page will also let them generate a new seed for s/key.

Has anyone done this, and ideas? I'm thinking of just having the the web
page run (as httpd, I guess) sudo su -c $USER skey -s blah blah and
outputting the results to the web page. Any ideas / concerns / programs
that will do this for me?

I've seen java OTP (s/key) calculators -- am I right that this is not what
I'm looking for?

Thanks,

Ben