totp - www.codemadness.org - www.codemadness.org saait content files
(HTM) git clone git://git.codemadness.org/www.codemadness.org
(DIR) Log
(DIR) Files
(DIR) Refs
(DIR) README
(DIR) LICENSE
---
totp (3506B)
---
1 1<- Back / codemadness.org 70
2 i codemadness.org 70
3 i codemadness.org 70
4 i# 2FA TOTP without crappy authenticator apps codemadness.org 70
5 i codemadness.org 70
6 iLast modification on 2022-10-29 codemadness.org 70
7 i codemadness.org 70
8 iThis describes how to use 2FA without using crappy authenticator "apps" or a codemadness.org 70
9 imobile device. codemadness.org 70
10 i codemadness.org 70
11 i codemadness.org 70
12 i## Install codemadness.org 70
13 i codemadness.org 70
14 iOn OpenBSD: codemadness.org 70
15 i codemadness.org 70
16 i pkg_add oath-toolkit zbar codemadness.org 70
17 i codemadness.org 70
18 iOn Void Linux: codemadness.org 70
19 i codemadness.org 70
20 i xbps-install oath-toolkit zbar codemadness.org 70
21 i codemadness.org 70
22 iThere is probably a package for your operating system. codemadness.org 70
23 i codemadness.org 70
24 i* oath-toolkit is used to generate the digits based on the secret key. codemadness.org 70
25 i* zbar is used to scan the QR barcode text from the image. codemadness.org 70
26 i codemadness.org 70
27 i codemadness.org 70
28 i## Steps codemadness.org 70
29 i codemadness.org 70
30 iSave the QR code image from the authenticator app, website to an image file. codemadness.org 70
31 iScan the QR code text from the image: codemadness.org 70
32 i codemadness.org 70
33 i zbarimg image.png codemadness.org 70
34 i codemadness.org 70
35 iAn example QR code: codemadness.org 70
36 i codemadness.org 70
37 IQR code example /downloads/2fa/qr.png codemadness.org 70
38 i codemadness.org 70
39 iThe output is typically something like: codemadness.org 70
40 i codemadness.org 70
41 i QR-Code:otpauth://totp/Example:someuser@codemadness.org?secret=SECRETKEY&issuer=Codemadness codemadness.org 70
42 i codemadness.org 70
43 iYou only need to scan this QR-code for the secret key once. codemadness.org 70
44 iMake sure to store the secret key in a private safe place and don't show it to codemadness.org 70
45 ianyone else. codemadness.org 70
46 i codemadness.org 70
47 iUsing the secret key the following command outputs a 6-digit code by default. codemadness.org 70
48 iIn this example we also assume the key is base32-encoded. codemadness.org 70
49 iThere can be other parameters and options, this is documented in the Yubico URI codemadness.org 70
50 istring format reference below. codemadness.org 70
51 i codemadness.org 70
52 iCommand: codemadness.org 70
53 i codemadness.org 70
54 i oathtool --totp -b SOMEKEY codemadness.org 70
55 i codemadness.org 70
56 i* The --totp option uses the time-variant TOTP mode, by default it uses HMAC SHA1. codemadness.org 70
57 i* The -b option uses base32 encoding of KEY instead of hex. codemadness.org 70
58 i codemadness.org 70
59 iTip: you can create a script that automatically puts the digits in the codemadness.org 70
60 iclipboard, for example: codemadness.org 70
61 i codemadness.org 70
62 i oathtool --totp -b SOMEKEY | xclip codemadness.org 70
63 i codemadness.org 70
64 i codemadness.org 70
65 i## References codemadness.org 70
66 i codemadness.org 70
67 h* zbarimg(1) man page URL:https://linux.die.net/man/1/zbarimg codemadness.org 70
68 h* oathtool(1) man page URL:https://www.nongnu.org/oath-toolkit/man-oathtool.html codemadness.org 70
69 h* RFC6238 - TOTP: Time-Based One-Time Password Algorithm URL:https://datatracker.ietf.org/doc/html/rfc6238 codemadness.org 70
70 h* Yubico.com - otpauth URI string format URL:https://docs.yubico.com/yesdk/users-manual/application-oath/uri-string-format.html codemadness.org 70
71 .