otp
is a single function implementation of TOTP
in bash
and a full rewrite of matthauck/bash-totp.
Since this implementation is a single function, it can be useful to be copied and pasted into another script.
openssl
base32
withcoreutils
orpython3
date
(bash
< 5.0 only)
Secret is a base32
encoded string found in the field secret
of a
TOTP Key Uri Format,
usually 16 chars long. Example:
echo -n "hi world." | base32
NBUSA53POJWGILQ=
Or a full TOTP Uri, example:
otpauth://totp/example.com:username%40example.com?secret=NBUSA53POJWGILQ=&issuer=example.com
A secret must always be a file because ps -e
can show environment variables.
Only the first line of the file will be parsed.
Set the secret using a environment variable:
OTP_SECRET_FILE=.secret ./otp
Set the secret using the cat
command:
cat .secret | ./otp
Or the pass command:
pass otp/secret | ./otp
The digits, period and algorithm can be set too:
OTP_DIGITS=6 OTP_PERIOD=30 OTP_ALGORITHM=SHA1 OTP_SECRET_FILE=otp.secret ./otp
The script auto-detect the available implementation, but it's possible to set manually too.
Standard Linux or macOS with coreutils:
OTP_BASE32=base32 OTP_SECRET_FILE=.secret ./otp
macOS without coreutils:
OTP_BASE32=base32_py OTP_SECRET_FILE=.secret ./otp
source ./otp
OTP_SECRET_FILE=".secret"
otp