all messages for Emacs-related lists mirrored at yhetil.org
 help / color / mirror / code / Atom feed
From: Jean Louis <bugs@gnu.support>
To: "Felix E. Klee" <felix.klee@inka.de>
Cc: help-gnu-emacs@gnu.org
Subject: Using oathtool in Emacs - was Re: Backticks in Eshell
Date: Thu, 30 Sep 2021 11:45:35 +0300	[thread overview]
Message-ID: <YVV5Lz6OBl+/Hgg6@protected.localdomain> (raw)
In-Reply-To: <87y27eo9ja.fsf@inka.de>

* Felix E. Klee <felix.klee@inka.de> [2021-09-30 10:07]:
> To generate a one time password, I would do in Bash:
> 
>     oathtool -b --totp `gpg -d secret.gpg`
> 
> How do I do the equivalent in Eshell?
> 
> I tried:
> 
>     oathtool -b --totp ${gpg -d secret.gpg}
> 
> But that doesn’t work.  Even the following doesn’t work:
> 
>     echo ${gpg -h}
> 
> I expect GnuPG’s help text, but there’s no output.

I understand what you mean, but personally I don't keep it a secret in
my $HOME directory:

- all of the /home is encrypted, and I decrypt it manually when
  starting a computer. I do not let it to operating system to attempt
  decrypting it and asking me for the password. In general, an
  intruder who gets my computer without my presence (and this did
  happen) does not need to know there is anything encrypted on
  computer.

- when I decrypt partition, then I have passwords pretty much plain in
  ~/.passwords or in the database (again easily decrypted). Database
  is on encrypted partition too and is started upon decryption of
  $HOME, /tmp and swap partitions must be on randomly encrypted
  partitions. Email is not delivered in /var, it is fetched from
  Internet to $HOME. 

Then I keep the oath-keys in a list:

(defvar oath-keys '(digitalocean "3O1MLC2RYJ5VRDHB" ces "N1YWQ5C3OEXCGWTNLNTUQ2J2FAQXGNTU" namecheap "TW1N5TRK22QOHELVGMBTARV74XYET6HH"))

(defun call-process-to-string (program &optional infile display &rest args)
  (with-temp-buffer
    (apply #'call-process program infile t display args)
    (buffer-string)))

(defun oath ()
  (interactive)
  (let* ((key (rcd-choose (map-keys oath-keys) "OATH Service: "))
	 (result (call-process-to-string "oathtool" nil nil "-b" "--totp=sha1" (plist-get oath-keys (intern "ces"))))
	 (result (string-trim result)))
    (message result)
    (kill-new result)))

And I ask interactively for it with M-x oath 

However, the above function does NOT result with same key when I run
it from Emacs and I would like to find out why. Maybe it uses
different time, I cannot know, it still does not work. Somebody can
help? 

Otherwise in shell, I keep those few authentications as alias,
straight as following:

alias totp-digitalocean='oathtool -b --totp=sha1 3O1MLC2RYJ5VRDHB'

So I just run the alias and get the authentication key.



-- 
Jean

Take action in Free Software Foundation campaigns:
https://www.fsf.org/campaigns

In support of Richard M. Stallman
https://stallmansupport.org/



  parent reply	other threads:[~2021-09-30  8:45 UTC|newest]

Thread overview: 11+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-09-30  6:35 Backticks in Eshell Felix E. Klee
2021-09-30  7:26 ` Emanuel Berg via Users list for the GNU Emacs text editor
2021-09-30 13:19   ` Felix E. Klee
2021-09-30 15:36     ` Emanuel Berg via Users list for the GNU Emacs text editor
2021-09-30  8:45 ` Jean Louis [this message]
2021-09-30 13:38 ` Joost Kremers
2021-09-30 13:56   ` Felix E. Klee
2021-09-30 14:06     ` Joost Kremers
2021-09-30 15:02       ` Felix E. Klee
2021-09-30 19:17         ` Joost Kremers
2021-09-30 15:38   ` Emanuel Berg via Users list for the GNU Emacs text editor

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=YVV5Lz6OBl+/Hgg6@protected.localdomain \
    --to=bugs@gnu.support \
    --cc=felix.klee@inka.de \
    --cc=help-gnu-emacs@gnu.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
Code repositories for project(s) associated with this external index

	https://git.savannah.gnu.org/cgit/emacs.git
	https://git.savannah.gnu.org/cgit/emacs/org-mode.git

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.