clotp

command module

v0.1.2 Latest Latest Go to latest Published: Jun 10, 2023 License: MIT Imports: 5 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/uaraven/clotp

Links

Open Source Insights

README ¶

CLOTP: Command-line one-time password generator

Usage

WARNING Actually using this utility could result in security breach. For real. Storing MFA codes on the same device where you might be using it for multi-factor authentication purposes is a bad idea that goes against the purpose of the MFA. Anyone with access to the computer will be able to steal your one-time passwords and defeat MFA. Granted, you're probably using your MFA-protected sites from your phone copying the codes from the Google Authenticator installed on the same phone. Just be aware of the dangers, you've been warned. At least use strong passphrase for the clotp keyring and do not reuse that passphrase anywhere else.

clotp command [command-options]

Commands:

add - add an OTP
remove - remove existing OTP
list - list all stored OTPs
view - view OTP code details
code - generate OTP code
copy - copy OTP code to the clipboard
decode - decode "otpauth-migration" URI
set-counter - set HOTP counter value
scan - decode QR code from the image
gen - generate an TOTP code on the fly, without saving the parameters

Add

add command adds new one-time password. OTP information is stored in the system's keyring.

clotp add [options] <url>

where url is otpauth or Google Authenticator otpauth-migration URL.

CLOTP supports HOTP and TOTP one-time passwords using SHA1, SHA256, and SHA512 hashes with number of code digits from 6 to 10. TOTP can have any time window defined.

Following options are supported:

--name - custom name that will override account label from the otpauth URL. --name option is ignored when used with otpauth-migration URIs
--code - pass base32-encoded secret code instead of URL,--name option is required when --code is used
--hash - use specified hash algorithm. Supported hashes are SHA-1, SHA-256 or SHA-512. --hash option is ignore when not used with --code option.

Remove

remove removes previously added one-time password

clotp remove <name>

Where name is an OTP name.

List

list command show all one-time passwords added previously with the add command.

View

view command shows detailed information about a selected OTP code, including Hash algorithm, number of digits, time step, counter, and (WARNING!!!), secret key

clotp view <name>

Example:

$ ./clotp view VPN

        Name: VPN
Account Name: uaraven
      Issuer: SomeVPNProvider
    OTP Type: TOTP
   Hash Type: SHA1
 Code Digits: 6
 Time offset: 0
   Time step: 30
      Secret: XXXXXXX
    Auth URI: otpauth://totp/uaraven@SomeVPNProvider?secret=XXXXXXX

Code

code will generate a new code from either otp id or otp name

clotp code [options] <name>

Following options are supported:

--counter - set counter for HOTP code. The counter will be stored for future uses. This option is ignored if the name refers to Time-based OTP
-c or --copy - copies generated code to the clipboard

Copy

copy will generate a new code from either otp id or otp name and copy it to clipboard. This is a shortcut to clotp code -c

clotp copy [options] <name>

Following options are supported:

--counter - set counter for HOTP code. The counter will be stored for future uses. This option is ignored if the name refers to Time-based OTP

Decode

decode can be used to decode Google Authenticator "export" URI. decode command accepts otpauth-migration URI and prints out all otpauth urls encoded in that URI.

clotp decode <url>

For example,

$ clotp decode otpauth-migration://offline?data=XXXXX

otpauth://totp/aaa:bbb?secret=YYYYY
otpauth://hotp/aaa:ccc?secret=ZZZZZ&counter=1023

Set-Counter

set-counter allows to set the HTOP counter value

clotp set-counter <name> <counter-value>

Scan

scan command can be used to decode QR code from the image. It supports otpauth and otpauth-migration URIs.

clotp scan [--decode [--parse]] <image>

<image> is a path to a PNG or JPG image file.

Gen

gen command allows to generate TOTP code without saving the generator parameters to the keyring

clotp gen --key secret [--hash SHA-1|SHA-256|SHA-512] [--digits X] [--period xx]

secret is a base32-encoded secret key hash allows to chose from one of the hash algorithms digits is a number of digits in the resulting code, default is 6 period is a number of seconds before the TOTP code change, default is 30

Documentation ¶

There is no documentation for this package.

Source Files ¶

View all Source files

main.go

Directories ¶

Path	Synopsis
cli
keyrings
migration

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL