otp: add README and use clipcopy
This commit is contained in:
parent
67b5bfaaa3
commit
c63fca8581
22
plugins/otp/README.md
Normal file
22
plugins/otp/README.md
Normal file
|
@ -0,0 +1,22 @@
|
||||||
|
# otp plugin
|
||||||
|
|
||||||
|
This plugin allows you to create one-time passwords using [`oathtool`](https://www.nongnu.org/oath-toolkit/man-oathtool.html),
|
||||||
|
able to replace MFA devices. The oathtool key is kept in a GPG-encrypted file so the codes
|
||||||
|
can only be generated by a user able to decrypt it.
|
||||||
|
|
||||||
|
To use it, add `otp` to the plugins array in your zshrc file:
|
||||||
|
```zsh
|
||||||
|
plugins=(... otp)
|
||||||
|
```
|
||||||
|
|
||||||
|
Provided aliases:
|
||||||
|
|
||||||
|
- `otp_add_device`: creates a new encrypted storage for an oathtool key and stores it
|
||||||
|
on the disk. For encrypting the key, it will ask for a GPG user ID (your GPG key's
|
||||||
|
email address). Then the OTP key needs to be pasted, followed by a CTRL+D character
|
||||||
|
inserted on an empty line.
|
||||||
|
|
||||||
|
- `ot`: generates a MFA code based on the given key and copies it to the clipboard
|
||||||
|
(on Linux it relies on xsel, on MacOS X it uses pbcopy instead).
|
||||||
|
|
||||||
|
The plugin uses `$HOME/.otp` to store its internal files.
|
|
@ -12,32 +12,23 @@ function ot () {
|
||||||
return 1
|
return 1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [[ `uname` == 'Darwin' ]] then # MacOS X
|
COPY_CMD='true'
|
||||||
export COPY_CMD='pbcopy'
|
|
||||||
elif command -v xsel > /dev/null 2>&1; then # Any Unix with xsel installed
|
|
||||||
export COPY_CMD='xsel --clipboard --input'
|
|
||||||
else
|
|
||||||
COPY_CMD='true'
|
|
||||||
fi
|
|
||||||
|
|
||||||
if [[ "x$1" == "x" ]]; then
|
if [[ -z "$1" ]]; then
|
||||||
echo "usage: otpw <profile.name>"
|
echo "usage: $0 <profile.name>"
|
||||||
return 1
|
return 1
|
||||||
elif [ ! -f $OTP_HOME/$1.otp.asc ]; then
|
elif [ ! -f $OTP_HOME/$1.otp.asc ]; then
|
||||||
echo "missing profile $1, you might need to create it first using otp_add_device"
|
echo "missing profile $1, you might need to create it first using otp_add_device"
|
||||||
return 1
|
return 1
|
||||||
else
|
else
|
||||||
totpkey=$(gpg --decrypt $OTP_HOME/$1.otp.asc)
|
totpkey=$(gpg --decrypt $OTP_HOME/$1.otp.asc)
|
||||||
oathtool --totp --b $totpkey | tee /dev/stderr | `echo $COPY_CMD`
|
oathtool --totp --b $totpkey | tee /dev/stderr | clipcopy
|
||||||
if [[ $COPY_CMD == 'true' ]] then
|
|
||||||
echo "Note: you might consider installing xsel for clipboard integration"
|
|
||||||
fi
|
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
function otp_add_device () {
|
function otp_add_device () {
|
||||||
if [[ "x$1" == "x" ]] then
|
if [[ "x$1" == "x" ]] then
|
||||||
echo "usage: otp_add <profile.name>"
|
echo "usage: $0 <profile.name>"
|
||||||
return 1
|
return 1
|
||||||
else
|
else
|
||||||
echo "Enter an email address attached to your GPG private key, then paste the secret configuration key followed by ^D"
|
echo "Enter an email address attached to your GPG private key, then paste the secret configuration key followed by ^D"
|
||||||
|
|
Loading…
Reference in a new issue