Re: OAUTH TOTP

To: netbsd-users%netbsd.org@localhost, prlw1%welche.eu@localhost
Subject: Re: OAUTH TOTP
From: Martin Neitzel <neitzel%hackett.marshlabs.gaertner.de@localhost>
Date: Tue, 30 Apr 2024 00:14:07 +0200 (CEST)

PW> Apparently I need to "purchase an inexpensive OATH TOTP compatible
PW> token device."

Here's another "thumbs-up" for the pkg "oath-toolkit".

I drive its oathtool(1) with a simple, rwx------ shell wrapper which
collects my personal seed secrets and tells me both the current and
upcoming TOTP, syncing on the HH:MM:{00,30} switch-overs.

(With an intentional off-by-one, cannot remember why I preferred
it that way, though.  The sample seeds below are not the real thing
-- no worries.)

Oh:  exit the loop with Ctrl-C.

							Martin Neitzel


#!/bin/sh

case "$1" in
	-h*|-hzi)	secret=LDCKNdVBUJUWMCDBCDOKQSDLC ;;
	-g*|-github)	secret=KMSXBBSPVOFBWCKX ;;
	-m*|-microsoft)	secret=sxok3dck8skxn9sx ;;
	-o*|-oci)	secret="SLODCNCDJNCDJBDCJBDCJBSXNI" ;;
	-*)	echo "$1: no such option" 1>&2 ; exit 1 ;;
	?*)	secret=$1 ;;
	"")	echo "usage: $0 [ -h | -m | -g | -o | <SECRET> ]"
		exit 1
		;;
esac

trap "exit 0" INT

while true; do
	t=`date +%S`
	date +"%T,  current & next token (changes on seconds :00 and :30):"
	oathtool --totp -w1 -b $secret
	# gotcha!  $t may come as 08 or 09 which would be illegal octal
	# numbers -- so we need to nuke a leading "0":
	sleep $(( 1 + 30 - (${t#0} % 30) ))
done

Follow-Ups:
- Re: OAUTH TOTP
  - From: Lucifer

References:
- OAUTH TOTP
  - From: Patrick Welche

Prev by Date: Re: OAUTH TOTP
Next by Date: Re: ipv4_prefer
Previous by Thread: Re: OAUTH TOTP
Next by Thread: Re: OAUTH TOTP
Indexes:

Home | Main Index | Thread Index | Old Index