It’s quite easy to setup on NetBSD. To start, run

# skeyinit -s <user>
[Adding user]
You need the 6 english words generated from the "skey" command.
Enter sequence count from 1 to 10000: Enter anything you want
Enter new seed [default NetB14423]: Just press return or enter something else
otp-md4 <sequence count> <seed>
s/key access password: <Follow instruction bellow>

To get the s/key access password, you have to run the following command but be careful to do not run it on the remote host through telnet, run it locally !

# skey <sequence count you entered for skeyinit> <seed you use in skeyinit>

This will ask you for a password (use a secure one) and give you 6 english word, use them to complete the “s/key access password:” question.

Your S/Key authentification is ready !

Next time you do a telnet connexion to the host you will get this prompt

login: <put your username>
Password [otp-md4 <random number> <seed you use in skeyinit>]:

To know the 6 english word password to use, you have to run the following command (on you local computer for example)

# skey <random number> <seed you use in skeyinit>

In fact the random number will be incremented by one each time you log in. You can easily generate (in advance) all 6 english word password for number X to Z, with the following command (another time, run this locally) :

skey -n (Z-X) Z <seed you use in skeyinit>

Z-X is the number of password to generate. Z mean the last generated password is for random number Z

N.B: You clear password will still work if you use it.

Related link: S/Key on Wikipedia