inz.fi

Unnamed repository; edit this file 'description' to name the repository.
Log | Files | Refs

totp-tokens-on-desktop.md (1382B)


      1 # TOTP tokens on desktop
      2 
      3 If, like me, your phone may not always be in arms reach (or in a known location), you may sometimes get frustrated with 2FA tokens: look for the phone, look for the app, memorize the token, start writing, re-check the code, finish writing, make a typo, wash, rinse, repeat.
      4 
      5 So I thought why wouldn't I have the tokens stored also on the computer, encrypted. Turns out, there are a couple of options in Ubuntu repos already, namely gnome-authenticator and otpclient. These, while working, seemed like a too big of a hammer for my preferred use, so I wrote a little script to grab a generated TOTP key for a service. I didn't want to go inventing a new file format or use a database, so I just used a list of URIs in [key uri format](https://github.com/google/google-authenticator/wiki/Key-Uri-Format), which can handily be exported from FreeOTP+, only encrypted with AES256.
      6 
      7 The [resulting script](https://inz.fi/p/totp.bash) uses dmenu for passphrase querying, openssl CLI tool for decryption, xclip for putting the result on the clipboard and notify-send for error reporting.
      8 
      9 To create the encrypted file, use something like:
     10 
     11 	mkdir ~/.local/share/totp
     12 	openssl aes256 -in [listfile] -out ~/.local/share/totp/keys.txt.encrypt
     13 
     14 Then run the totp script with argument specifying which key you intend to use.
     15 
     16 Adjust the dmenu colors to suit your fancy.