Terminal Based Multi-Factor Authentication Token; Linux

Here we will go over setting up a token-generating app in a terminal. This saves me digging my phone out every time I log into something that has MFA enabled.

With only a couple MFA enabled sites it isn’t too bad, but pass ten and you start looking for your phone pretty regularly.

Install the software with the command: apt-get install oathtool

  1. Create a bash/shell file, for example auth.sh, wherever you want to have it on your system. In this example, the file will be at:
    /home/username/scripts/auth.sh
  2. Add the code below to your file auth.sh:
    #!/bin/bash
    # Menu of accounts; replace each "YOUR SECRET KEY" with that account's base32 secret.
    OPTIONS="Google Microsoft Dropbox Battlenet Facebook Quit"
    select opt in $OPTIONS; do
        if [ "$opt" = "Google" ]; then
            # --base32: the key is base32-encoded; --totp: time-based code; -d 6: six digits
            oathtool --base32 --totp "YOUR SECRET KEY" -d 6
        elif [ "$opt" = "Microsoft" ]; then
            oathtool --base32 --totp "YOUR SECRET KEY" -d 6
        elif [ "$opt" = "Dropbox" ]; then
            oathtool --base32 --totp "YOUR SECRET KEY" -d 6
        elif [ "$opt" = "Battlenet" ]; then
            oathtool --base32 --totp "YOUR SECRET KEY" -d 6
        elif [ "$opt" = "Facebook" ]; then
            oathtool --base32 --totp "YOUR SECRET KEY" -d 6
        elif [ "$opt" = "Quit" ]; then
            exit
        else
            # Input that does not match a menu entry
            clear
            echo "Choose an available option."
        fi
    done

  3. Make the script executable:
    chmod +x auth.sh

IMPORTANT: your script file contains the secret keys for your accounts (Google, Dropbox…), so you have to set its permissions to limit access to it. Don’t let unauthorized people read the content of this file.

Make sure that the owner of the script is root and set the permissions such that only the owner can run it.

sudo chown root:root /path/to/auth.sh
sudo chmod 700 /path/to/auth.sh

If you now look at the permissions with ls -l /path/to/auth.sh, you should see the following: -rwx------ root root, meaning that root can read, write and execute, and no one else can even read the file. With these settings you will need sudo to run the script.
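
As an added example (not part of the original post): a variant of the script above that keeps the secrets in a separate file instead of in the script itself, and refuses to generate a code when that file is readable by anyone other than the user running it. The file path, the `Name BASE32SECRET` line format, the AUTH_SECRETS variable and the function names are assumptions made for this example.

```bash
#!/bin/bash
# Added example: secrets live in a separate file, not in the script.
# Assumed file format, one account per line:  Name BASE32SECRET
SECRETS_FILE="${AUTH_SECRETS:-$HOME/.auth-secrets}"   # hypothetical path

# Succeeds only for a regular file owned by the invoking user with no
# permission bits for group or others (mode 600, 700, ...).
secrets_file_is_private() {
    local f="$1" mode owner
    if [ ! -f "$f" ]; then return 1; fi
    # GNU stat without -L reports a symlink itself (777), so links fail too
    mode=$(stat -c '%a' "$f") || return 1
    owner=$(stat -c '%u' "$f") || return 1
    if [ "$owner" != "$(id -u)" ]; then return 1; fi
    case "$mode" in *00) return 0 ;; esac
    return 1
}

# Prints the secret stored for account $2 in file $1; fails if absent.
lookup_secret() {
    local f="$1" want="$2" name secret
    while read -r name secret; do
        if [ "$name" = "$want" ]; then
            printf '%s\n' "$secret"
            return 0
        fi
    done < "$f"
    return 1
}

# Prints a 6-digit code with the same oathtool call as the original script.
# Returns 2 if the file is not private, 3 if the account is unknown.
totp_for() {
    local f="$1" account="$2" secret
    if ! secrets_file_is_private "$f"; then
        echo "refusing $f: must be owned by you with mode 600" >&2
        return 2
    fi
    if ! secret=$(lookup_secret "$f" "$account"); then
        echo "no secret stored for $account" >&2
        return 3
    fi
    oathtool --base32 --totp "$secret" -d 6
}

# Usage: ./auth.sh Google
if [ "$#" -ge 1 ]; then
    totp_for "$SECRETS_FILE" "$1"
fi
```

If the script is run through sudo as described above, the ownership check compares against root, so the secrets file must then be owned by root as well.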

thanks to analyth.com