totp-tokens-on-desktop.md (1382B)
1 # TOTP tokens on desktop 2 3 If, like me, your phone may not always be in arms reach (or in a known location), you may sometimes get frustrated with 2FA tokens: look for the phone, look for the app, memorize the token, start writing, re-check the code, finish writing, make a typo, wash, rinse, repeat. 4 5 So I thought why wouldn't I have the tokens stored also on the computer, encrypted. Turns out, there are a couple of options in Ubuntu repos already, namely gnome-authenticator and otpclient. These, while working, seemed like a too big of a hammer for my preferred use, so I wrote a little script to grab a generated TOTP key for a service. I didn't want to go inventing a new file format or use a database, so I just used a list of URIs in [key uri format](https://github.com/google/google-authenticator/wiki/Key-Uri-Format), which can handily be exported from FreeOTP+, only encrypted with AES256. 6 7 The [resulting script](https://inz.fi/p/totp.bash) uses dmenu for passphrase querying, openssl CLI tool for decryption, xclip for putting the result on the clipboard and notify-send for error reporting. 8 9 To create the encrypted file, use something like: 10 11 mkdir ~/.local/share/totp 12 openssl aes256 -in [listfile] -out ~/.local/share/totp/keys.txt.encrypt 13 14 Then run the totp script with argument specifying which key you intend to use. 15 16 Adjust the dmenu colors to suit your fancy.