From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.io!.POSTED.blaine.gmane.org!not-for-mail From: Morgan Willcock Newsgroups: gmane.emacs.devel Subject: Re: New package for NonGNU ELPA : totp-auth Date: Thu, 08 Feb 2024 19:15:37 +0000 Message-ID: <861q9mzs12.fsf@ice9.digital> References: Mime-Version: 1.0 Content-Type: text/plain Injection-Info: ciao.gmane.io; posting-host="blaine.gmane.org:116.202.254.214"; logging-data="6145"; mail-complaints-to="usenet@ciao.gmane.io" User-Agent: Gnus/5.13 (Gnus v5.13) Cc: Richard Stallman , Vivek Das Mohapatra , emacs-devel@gnu.org To: Jean Louis Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane-mx.org@gnu.org Thu Feb 08 20:16:44 2024 Return-path: Envelope-to: ged-emacs-devel@m.gmane-mx.org Original-Received: from lists.gnu.org ([209.51.188.17]) by ciao.gmane.io with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1rY9t5-0001Mh-6g for ged-emacs-devel@m.gmane-mx.org; Thu, 08 Feb 2024 20:16:43 +0100 Original-Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1rY9sE-0000x5-Te; Thu, 08 Feb 2024 14:15:51 -0500 Original-Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rY9s9-0000wa-KO for emacs-devel@gnu.org; Thu, 08 Feb 2024 14:15:46 -0500 Original-Received: from relay4-d.mail.gandi.net ([217.70.183.196]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rY9s7-0001nh-FA; Thu, 08 Feb 2024 14:15:45 -0500 Original-Received: by mail.gandi.net (Postfix) with ESMTPSA id 48525E0002; Thu, 8 Feb 2024 19:15:38 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ice9.digital; s=gm1; t=1707419738; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=GMrwJ+jyQK0rUzOMi2IuIK99Sp/CT1xN07NtpVxJyZQ=; b=ALZ6s3edvKd2FyxAUZru+7sFAKnxzbbrZhDbxuL0P4kjJMz7AqOE+4iFBCzs9tVY26O5X+ os9IrFJ9UydSBjAx24Py7t7XAIXkp+8MRzwEyHVwExAW47SJJL9xxNKFkJyklDin4U8Eej xfJ3QNpy0V7ObyqBPjJDpv2aZrwDn58u1QZF2FU+LdhyE7rkJrq9VS8fs1vDS8EeG23GaF UkcFBLUZ+ZSG7tlGle/IIrxELVjiCZq8Cbay8lhQOm/+s0jn+3YMHiBHDWaagX2Kwz2tHE Byx9awtsgj74bnse/57Y5n4vJ2LjvszuJJk4YPVWEstu3w5VjqCqW4X1OxoRnw== In-Reply-To: (Jean Louis's message of "Wed, 7 Feb 2024 09:46:43 +0300") X-GND-Sasl: morgan@ice9.digital Received-SPF: pass client-ip=217.70.183.196; envelope-from=morgan@ice9.digital; helo=relay4-d.mail.gandi.net X-Spam_score_int: -27 X-Spam_score: -2.8 X-Spam_bar: -- X-Spam_report: (-2.8 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: emacs-devel@gnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Emacs development discussions." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane-mx.org@gnu.org Original-Sender: emacs-devel-bounces+ged-emacs-devel=m.gmane-mx.org@gnu.org Xref: news.gmane.io gmane.emacs.devel:316047 Archived-At: Jean Louis writes: > * Richard Stallman [2024-02-07 06:17]: >> [[[ To any NSA and FBI agents reading my email: please consider ]]] >> [[[ whether defending the US Constitution against all enemies, ]]] >> [[[ foreign or domestic, requires you to follow Snowden's example. ]]] >> >> This is a useful feature, but should it be implemented as a part of >> Emacs? Is there / should there be a shell command for this? >> >> Given a shell command for this, do we want it implemented in Emacs >> too? > > I have implemented it this way below, and it works well now for long time already. It uses the external shell command. I would rather use Emacs Lisp for it. It is required at many logins. I did not show more than 3 logins below, and they are also fake keys. > > (defvar oath-keys '(digitalocean "31CHLCURYJ5VRDHB" > tether "J2AMLDF473VHD517" > twilio "EB1JS6TJNL1TQCWSNEZJG6IQ4XZGSC4UMI276X3TEODG2VQRTE5A") > > (defun call-process-to-string (program &optional infile display &rest args) > (with-temp-buffer > (apply #'call-process program infile t display args) > (buffer-string))) > > (defun oath () > "Ask for service and kill OATH result to memory." > (interactive) > (let* ((key (rcd-choose (map-keys oath-keys) "OATH Service: ")) > (result (call-process-to-string "oathtool" nil nil "-b" "--totp=sha1" (plist-get oath-keys (intern key)))) > (result (string-trim result))) > (message result) > (kill-new result))) I imagine this is potentially leaking your keys by making them visible in the system's process information. Recent versions of oathtool can read the key from stdin, so any attempt to create a wrapper should probably be using this feature. -- Morgan Willcock