bash-otp

One-time Password generator for CLI using bash, oathtool

View the Project on GitHub poolpog/bash-otp

bash-otp

One-Time Password generator for CLI using bash, oathtool.

Automatically copys the token into your computer’s copy buffer (MacOS only atm)

This is basically “Authy for the CLI”

This script supports both encrypted and plain-text token files, but my reccomendation is to use encryption.

Requirements

Description

Set of bash shell scripts to generate OTP value from token using TOTP.

Usage

First ensure that there is a directory “tokenfiles” in the main dir where the script resides, and that this directory’s permissions are set to 700.

  1. Create token file and encrypt it. Resulting file, “tokenfiles/tokenname.enc”, is an encrypted file containing the token
  2. Put your token in a plaintext file in the tokenfiles/ directory:
      $ echo "1234567890abcdef" > tokenfiles/tokenname
    
  3. Encrypt the file with the included shell script:
      $ ./otp-lockfile.sh tokenfiles/tokenname
      Password: (enter a good password)
    
  4. Confirm it worked:
      $ ls tokenfiles/
      tokenname.enc
    
  5. Run otp.sh; will produce roughly the following output:
    $ ./otp.sh tokenname
    Password:
    02: 123456
    

The number on the left is the seconds counter; a new TOTP token is generated every 30 seconds.

The number on the right is the 6-digit One-Time Password.

This will be copied directly into the paste buffer. Just press “Command-V” (or “CTRL-V” on Linux) to paste into a login dialog.

In case you want “tokenfiles” to reside in a different location, you can tell otp.sh to use this directory instead by exporting the BASH_OTP_TOKENFILES_DIR variable like so:

  $ export BASH_OTP_TOKENFILES_DIR=/path/to/secure/tokenfiles/dir

Contents