[PATCH] Add oathtool TOTP 2FA integration for pass show

binarysauce.com.au reply at binarysauce.com.au
Thu Nov 1 01:42:41 CET 2018


Hi bex,

I am of the belief that what I am submitting is more intuitive and pass-like, and it meets the general needs of users looking for an intuitive answer to TOTP. I am unable to submit a patch to pass-otp as it is fundamentally a different user experience (functionally far superior) and my intention isn't to suggest redesign of the pass-otp interface as it is established and perfectly fit for it's user base.

I appreciate that this patch has a slim chance of being accepted due to it's imposition on core functionality, but i don't see this as any different than the imposition of clip or qrcode. In fact, tight oathtool integration that flows from the expected pass experience could be a key improvement as it makes the qrcode inclusion more meaningful and is not creating a new dependency for users, just optionally integrating two already established tools (pass, oathtool), if a user decides they want that.

I think this is worth looking at as the change is small, useful and supports existing ecosystem, eliminating the overhead of maintaining an additional dependency for an extension maintainer and pass users.

$ pass otp/gitlab/bsauce -o -c # copies a 6 digit TOTP token to the clipbard
$ pass gitlab/bsauce -c # ...

An alternative is replicating pass, (introducing a program) that does away with the -o --otp argument and makes the otp functionality first class, personally I prefer this approach as it does not pollute pass, but i'm open to either.

$ oath gitlab/bsauce -c # copies a 6 digit TOTP key to the clipbard
$ pass gitlab/bsauce -c # copies the password

I love the pass CLI and want to feel the exact same love when retrieving my OTP tokens. Does that explain where all this came from?

thank you.

‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
On Wednesday, October 31, 2018 5:03 PM, Brian “bex” Exelbierd <bex at pobox.com> wrote:

> On Oct 30, 2018, at 6:20 AM, binarysauce.com.au <reply at binarysauce.com.au> wrote:
>
>> Hi Brad, these functions are already a standard part of `cmd_show` in pass. I'm just modifying their behaviour with the --otp argument. The introduced and optional dependency for this functionality would be `oathtool` itself. If a user doesn't want to use oathtool, they should not be impacted by this addition.
>
> Why not submit patches to the extension https://github.com/tadfisher/pass-otp ?
>
> Regards,
>
> bex
>
>> ‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
>> On Tuesday, October 30, 2018 3:13 PM, Brad Knowles <brad at shub-internet.org> wrote:
>>
>>> On Oct 29, 2018, at 11:37 PM, binarysauce.com.au reply at binarysauce.com.au wrote:
>>
>>>
>>
>>>> The introduced functionality is an --otp argument for cmd_show which when given the -o or --otp argument (additionally a token length) can show the generated token, clip will copy the generated token but qrcode will provides the qrcode of the original key so that it can be added to an authenticator app.
>>
>>>
>>
>>> Are "clip" and "qrcode" standard *nix utilities? Or maybe provided as a part of oathtool?
>>
>>>
>>
>>> --------------------------------------------------------------------------------------------
>>
>>>
>>
>>> Brad Knowles brad at shub-internet.org
>>
>>>
>>
>>> Please forgive any typos. I'm fighting a failing keyboard on my laptop, in addition to having a broken finger.
>>
>> _______________________________________________
>> Password-Store mailing list
>> Password-Store at lists.zx2c4.com
>> https://lists.zx2c4.com/mailman/listinfo/password-store
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.zx2c4.com/pipermail/password-store/attachments/20181101/bf2c4b23/attachment.html>


More information about the Password-Store mailing list