gauth

command module

v0.0.3 Latest Latest Go to latest Published: Jan 29, 2022 License: ISC Imports: 10 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/bade7n/gauth

Links

Open Source Insights

README ¶

gauth: replace Google Authenticator

Installation

With a Go environment already set up, it should be as easy as go get github.com/pcarrier/gauth.

Eg, with GOPATH=$HOME/go, it will create a binary $HOME/go/bin/gauth.

Usage

In web interfaces, pretend you can't read QR codes, get a secret like hret 3ij7 kaj4 2jzg instead.

Store one secret per line in ~/.config/gauth.csv, in the format name:secret. For example:

  AWS:   ABCDEFGHIJKLMNOPQRSTUVWXYZ234567ABCDEFGHIJKLMNOPQRSTUVWXYZ234567
  Airbnb:abcd efgh ijkl mnop
  Google:a2b3c4d5e6f7ghij
  Github:234567qrstuvwxyz

Restrict access to your user:
```
  $ chmod 600 ~/.config/gauth.csv
```

Run gauth. The progress bar indicates how far the next change is.

  $ gauth
             prev   curr   next
  AWS        315306 135387 483601
  Airbnb     563728 339206 904549
  Google     453564 477615 356846
  Github     911264 548790 784099
  [=======                      ]

gauth is convenient to use in watch.
```
  $ watch -n1 gauth
```
Remember to keep your system clock synchronized and to lock your computer when brewing your tea!

Encryption

gauth supports password-based encryption of gauth.csv. To encrypt, use:

    $ openssl enc -aes-128-cbc -md sha256 -in ~/gauth.csv -out ~/.config/gauth.csv
    enter aes-128-cbc encryption password:
    Verifying - enter aes-128-cbc encryption password:

gauth will then prompt you for that password on every run:

    $ gauth
    Encryption password: 
               prev   curr   next
    LastPass   915200 479333 408710

Note that this encryption mechanism is far from ideal from a pure security standpoint. Please read OpenSSL's notes on the subject.

Compatibility

Tested with:

Airbnb
Apple
AWS
DreamHost
Dropbox
Evernote
Facebook
Gandi
Github
Google
LastPass
Linode
Microsoft
Okta (reported by Bryan Baldwin)
WP.com
bittrex.com
poloniex.com

Please report further results to pierre@gcarrier.fr.

Rooted Android?

If your Android phone is rooted, it's easy to "back up" your secrets from an adb shell into gauth.

# sqlite3 /data/data/com.google.android.apps.authenticator2/databases/database \
          'select email,secret from accounts'

Really, does this make sense?

At least to me, it does. My laptop features encrypted storage, a stronger authentication mechanism, and I take good care of its physical integrity.

My phone also runs arbitrary apps, is constantly connected to the Internet, gets forgotten on tables.

Thanks to the convenience of a command line utility, my usage of 2-factor authentication went from 3 to 10 services over a few days.

Clearly a win for security.

Documentation ¶

There is no documentation for this package.

Source Files ¶

View all Source files

gauth.go

Directories ¶

Path	Synopsis
gauth Package gauth implements the time-based OTP generation scheme used by Google Authenticator.	Package gauth implements the time-based OTP generation scheme used by Google Authenticator.

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL