bro are these legitimate keys?
On Mon, Apr 29, 2024, 6:14 PM Martin Neitzel <
neit...@hackett.marshlabs.gaertner.de> wrote:
> PW> Apparently I need to "purchase an inexpensive OATH TOTP compatible
> PW> token device."
>
> Here's another "thumbs-up" for the pkg "oath-toolkit".
>
> I drive its oathtool(1) with a simple, rwx------ shell wrapper which
> collects my personal seed secrets and tells me both the current and
> upcoming TOTP, syncing on the HH:MM:{00,30} switch-overs.
>
> (With an intentional off-by-one, cannot remember why I preferred
> it that way, though. The sample seeds below are not the real thing
> -- no worries.)
>
> Oh: exit the loop with Ctrl-C.
>
> Martin Neitzel
>
>
> #!/bin/sh
>
> case "$1" in
> -h*|-hzi) secret=LDCKNdVBUJUWMCDBCDOKQSDLC ;;
> -g*|-github) secret=KMSXBBSPVOFBWCKX ;;
> -m*|-microsoft) secret=sxok3dck8skxn9sx ;;
> -o*|-oci) secret="SLODCNCDJNCDJBDCJBDCJBSXNI" ;;
> -*) echo "$1: no such option" 1>&2 ; exit 1 ;;
> ?*) secret=$1 ;;
> "") echo "usage: $0 [ -h | -m | -g | -o | <SECRET> ]"
> exit 1
> ;;
> esac
>
> trap "exit 0" INT
>
> while true; do
> t=`date +%S`
> date +"%T, current & next token (changes on seconds :00 and :30):"
> oathtool --totp -w1 -b $secret
> # gotcha! $t may come as 08 or 09 which would be illegal octal
> # numbers -- so we need to nuke a leading "0":
> sleep $(( 1 + 30 - (${t#0} % 30) ))
> done
>
