From 1ed0137c7143a7f0f9f6257a082f64ed8c2b5961 Mon Sep 17 00:00:00 2001 From: Thomas Voss Date: Mon, 28 Aug 2023 21:59:32 +0300 Subject: Add an article on ‘totp(1)’ MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/prj/index.html | 1 + src/prj/totp/basic-usage.sh.html | 7 ++ src/prj/totp/index.html | 140 +++++++++++++++++++++++++++++++++++++++ src/prj/totp/zbarimg.sh.html | 4 ++ 4 files changed, 152 insertions(+) create mode 100644 src/prj/totp/basic-usage.sh.html create mode 100644 src/prj/totp/index.html create mode 100644 src/prj/totp/zbarimg.sh.html (limited to 'src/prj') diff --git a/src/prj/index.html b/src/prj/index.html index c38dd05..b8c8bc9 100644 --- a/src/prj/index.html +++ b/src/prj/index.html @@ -30,6 +30,7 @@

Posts:

diff --git a/src/prj/totp/basic-usage.sh.html b/src/prj/totp/basic-usage.sh.html new file mode 100644 index 0000000..9023218 --- /dev/null +++ b/src/prj/totp/basic-usage.sh.html @@ -0,0 +1,7 @@ +$ code=`mkpass A-Z0-7` +$ totp $code +475867 +$ echo $code | totp +475867 +$ totp -d 10 $code +0718732338 diff --git a/src/prj/totp/index.html b/src/prj/totp/index.html new file mode 100644 index 0000000..6974a0c --- /dev/null +++ b/src/prj/totp/index.html @@ -0,0 +1,140 @@ + + + + m4_include(head.html) + + +
+
+

Easy Password Generation

+ m4_include(nav.html) +
+ +
+
+

The C preprocessor is worse than m4, and I would kill myself + before I had to use m4.

+
+
+ Arav K. +
+
+
+ +
+

+ + You can find the totp git repository over at + sourcehut + or GitHub. + +

+ +

Table of Contents

+ + + +

Prologue

+

+ TOTP codes are pretty cool, and really easy to + do. They’re also the backbone of modern two-factor authentication. + With totp I hope to make + handling TOTP codes as easy and extensible as + possible. +

+ +

Terminology

+

+ There are a few terms that I will be using throughout this post, so it’s + good to make sure that we’re all on the same page about what I’m + referring to. +

+ +
+
Secret
+
+

+ Your secret is + a base32 encoded secret key that you should under + no circumstances share with anyone else. It is from this secret key + that we can generate valid TOTP codes. +

+
+ +
Digits
+
+

+ Your digits is the length of the generated + TOTP in digits. If digits is 8, + then your generated key could be ‘01234567’. When dealing + with 2FA this is typically 6. +

+
+ +
Period
+
+

+ Your period it the duration for which the generated key is + valid in seconds. When working with 2FA + this is typically 30. +

+
+
+ +

Basic Usage

+

+ totp takes secret keys as command-line arguments, but also + reads them from the standard input if none are provided. It assumes + that digits is 6 and period is 30. These defaults can + be changed with the -d and -p flags. +

+ +
+
m4_fmt_code(basic-usage.sh.html)
+
+ + + +

Working with QR Codes

+

+ Often times when enabling 2FA on your account + on some website or platform, you will be shown + a QR code you can scan with + your 2FA mobile application. + These QR codes + contain otpauth URIs. We can extract + these from downloaded images using utilities such + as zbarimg and use them in totp using + the -u flag to enable ‘URI mode’ +

+ +
+
m4_fmt_code(zbarimg.sh.html)
+
+ + …and that’s all! There’s nothing else you need. You can use secret keys + and otpauth URIs, and you can configure + the digits and period of the generated codes. You can + generate multiple keys at once, and all outputs are printed to the + standard output. +
+ +
+ + + + diff --git a/src/prj/totp/zbarimg.sh.html b/src/prj/totp/zbarimg.sh.html new file mode 100644 index 0000000..862eb78 --- /dev/null +++ b/src/prj/totp/zbarimg.sh.html @@ -0,0 +1,4 @@ +$ zbarimg -q my-qr-code.svg # Also works with jpg, png, etc. +QR-Code:otpauth://totp/GitHub:Mango0x45?secret=O1AIWMONKWVRJY4H&issuer=GitHub +$ zbarimg -q my-qr-code.svg | sed s/QR-Code:// | totp -u +554210 -- cgit v1.2.3