Hi, Thanks for feedback! You are right on the style : I replaced backticks with $().
I understand the pass style point of view. Minimum dependencies, standard file name convention, only one functionnality : it's certainly the best way to ensure security and/or robustness. But I've one argument to use my fork. It does not change the structure of my password store. I could still access it without using "totp enhancement" fork. Thanks for the thread : I have been reading it. I did not understand everything... I'm just a end-user. And like all the end-users, I search usability. So, my idea was to have a single command to get both the password and TOTP. Thus, I'll try your script "subcommand_hooks". Yes, I like the idea. It's more secure because : * it must be signed to be execute. * it allows to add functionnality without modifing the core code. A priori, do you think it's possible to obtain the same result as "totp enhancement" : just one commande to get the two factors? thanks by advance :) Stephane Le 05/08/2015 15:33, Lenz Weber a écrit : > Hi, > this looks like a great idea! > > On the code itself: it looks fine to me, but I would replace the > backticks with $(), as that style is used everywhere else in pass. > > But at the moment, I think there are some concerns that may keep it from > getting integrated (but this is just guesswork, I'm not the maintainer) > * it introduces a new dependency: oathtool > * it introduces a new file name convention which impacts other commands > * it moves a bit away from the "only one functionality" thing pass does > otherwise. > > My thought on this is (and yes, I'm conquering your thread a bit with > this, sorry): > This might be a perfect example for a used-defined command hook. > We have been discussing this idea a few days ago (take a look at the > archive: > http://lists.zx2c4.com/pipermail/password-store/2015-August/thread.html#1659 > ). > > The gist of it is: you create a script with contents like > > #!/bin/bash > OTP_OPTS=( $PASSWORD_STORE_OTP_OPTS "--base32" "-w 3" "--totp" ) > OTP="oathtool" > $OTP "${OTP_OPTS[@]}" $(cmd_show "$@" | head -n1) > > save it as '~/.password-store/.subcommand_hooks/otp', make it executable > and sign it and it would be available as > pass otp <password-name> > > If you like the idea and want to do some testing, I'm desperately > waiting for feedback ;) > > Regards, > Lenz > > > > Am 05.08.2015 um 13:50 schrieb admin: >> Hello, >> I'm apologize for my poor english and my bad code... But I tried to >> add a functionality to allow password-store to generate a time otp. >> It's very useful for websites requesting a 2FA totp like google or >> github. See my fork of the master github password-store : >> https://github.com/Gambiit/password-store >> Thanks a lot for password-store, Best regards :) >> >> >> _______________________________________________ >> Password-Store mailing list >> [email protected] >> http://lists.zx2c4.com/mailman/listinfo/password-store > > > > _______________________________________________ > Password-Store mailing list > [email protected] > http://lists.zx2c4.com/mailman/listinfo/password-store > _______________________________________________ Password-Store mailing list [email protected] http://lists.zx2c4.com/mailman/listinfo/password-store
