Overview#S-KEY One-Time Password System described in RFC 1760 describes the S/KEY* One-Time password system as released for public use by Bellcore.
There are two sides to the operation of the S/KEY one-time password system.
On the client side, the appropriate one-time password must be generated.
On the host side, the server must verify the one-time password and permit the secure changing of the user's secret pass-phrase.
An S/KEY system client passes the user's secret pass-phrase through multiple applications of a secure hash function to produce a one-time password. On each use, the number of applications is reduced by one.
Thus a unique sequence of passwords is generated. The S/KEY system host verifies the one-time password by making one pass though the secure hash function and comparing the result with the previous one-time password.