[PATCH] Add oathtool TOTP 2FA integration for pass show

Tad tadfisher at gmail.com
Sat Nov 3 20:18:07 CET 2018


With pass-otp those commands are:

    pass -c gitlab/bsauce
    pass otp -c gitlab/bsauce

Note how OTP secrets may be stored alongside passwords if you so choose.


On Wed, Oct 31, 2018, 5:43 PM binarysauce.com.au <reply at binarysauce.com.au>
wrote:

> Hi bex,
>
> I am of the belief that what I am submitting is more intuitive and
> pass-like, and it meets the general needs of users looking for an intuitive
> answer to TOTP. I am unable to submit a patch to pass-otp as it is
> fundamentally a different user experience (functionally far superior) and
> my intention isn't to suggest redesign of the pass-otp interface as it is
> established and perfectly fit for it's user base.
>
> I appreciate that this patch has a slim chance of being accepted due to
> it's imposition on core functionality, but i don't see this as any
> different than the imposition of clip or qrcode. In fact, tight oathtool
> integration that flows from the expected pass experience could be a key
> improvement as it makes the qrcode inclusion more meaningful and is not
> creating a new dependency for users, just optionally integrating two
> already established tools (pass, oathtool), if a user decides they want
> that.
>
> I think this is worth looking at as the change is small, useful and
> supports existing ecosystem, eliminating the overhead of maintaining an
> additional dependency for an extension maintainer and pass users.
>
> $ pass otp/gitlab/bsauce -o -c # copies a 6 digit TOTP token to the
> clipbard
> $ pass gitlab/bsauce -c # ...
>
> An alternative is replicating pass, (introducing a program) that does away
> with the -o --otp argument and makes the otp functionality first class,
> personally I prefer this approach as it does not pollute pass, but i'm open
> to either.
>
> $ oath gitlab/bsauce -c # copies a 6 digit TOTP key to the clipbard
> $ pass gitlab/bsauce -c # copies the password
>
> I love the pass CLI and want to feel the exact same love when retrieving
> my OTP tokens. Does that explain where all this came from?
>
> thank you.
>
> ‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
> On Wednesday, October 31, 2018 5:03 PM, Brian “bex” Exelbierd <
> bex at pobox.com> wrote:
>
>
>
>
> On Oct 30, 2018, at 6:20 AM, binarysauce.com.au <reply at binarysauce.com.au>
> wrote:
>
> Hi Brad, these functions are already a standard part of `cmd_show` in
> pass. I'm just modifying their behaviour with the --otp argument. The
> introduced and optional dependency for this functionality would be
> `oathtool` itself. If a user doesn't want to use oathtool, they should not
> be impacted by this addition.
>
>
> Why not submit patches to the extension
> https://github.com/tadfisher/pass-otp ?
>
> Regards,
>
> bex
>
>
>
> ‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
> On Tuesday, October 30, 2018 3:13 PM, Brad Knowles <brad at shub-internet.org>
> wrote:
>
> On Oct 29, 2018, at 11:37 PM, binarysauce.com.au reply at binarysauce.com.au
> wrote:
>
>
> The introduced functionality is an --otp argument for cmd_show which when
> given the -o or --otp argument (additionally a token length) can show the
> generated token, clip will copy the generated token but qrcode will
> provides the qrcode of the original key so that it can be added to an
> authenticator app.
>
>
> Are "clip" and "qrcode" standard *nix utilities? Or maybe provided as a
> part of oathtool?
>
>
>
> --------------------------------------------------------------------------------------------
>
>
> Brad Knowles brad at shub-internet.org
>
>
> Please forgive any typos. I'm fighting a failing keyboard on my laptop, in
> addition to having a broken finger.
>
>
>
> _______________________________________________
> Password-Store mailing list
> Password-Store at lists.zx2c4.com
> https://lists.zx2c4.com/mailman/listinfo/password-store
>
>
> _______________________________________________
> Password-Store mailing list
> Password-Store at lists.zx2c4.com
> https://lists.zx2c4.com/mailman/listinfo/password-store
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.zx2c4.com/pipermail/password-store/attachments/20181103/121c17b1/attachment.html>


More information about the Password-Store mailing list