From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.io!.POSTED.blaine.gmane.org!not-for-mail From: Jean Louis Newsgroups: gmane.emacs.help Subject: Using oathtool in Emacs - was Re: Backticks in Eshell Date: Thu, 30 Sep 2021 11:45:35 +0300 Message-ID: References: <87y27eo9ja.fsf@inka.de> Mime-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit Injection-Info: ciao.gmane.io; posting-host="blaine.gmane.org:116.202.254.214"; logging-data="12036"; mail-complaints-to="usenet@ciao.gmane.io" User-Agent: Mutt/2.0.7+183 (3d24855) (2021-05-28) Cc: help-gnu-emacs@gnu.org To: "Felix E. Klee" Original-X-From: help-gnu-emacs-bounces+geh-help-gnu-emacs=m.gmane-mx.org@gnu.org Thu Sep 30 10:54:06 2021 Return-path: Envelope-to: geh-help-gnu-emacs@m.gmane-mx.org Original-Received: from lists.gnu.org ([209.51.188.17]) by ciao.gmane.io with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1mVrpN-0002p5-V9 for geh-help-gnu-emacs@m.gmane-mx.org; Thu, 30 Sep 2021 10:54:05 +0200 Original-Received: from localhost ([::1]:49148 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1mVrpN-0008FC-0f for geh-help-gnu-emacs@m.gmane-mx.org; Thu, 30 Sep 2021 04:54:05 -0400 Original-Received: from eggs.gnu.org ([2001:470:142:3::10]:54936) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1mVroe-00088w-Oq for help-gnu-emacs@gnu.org; Thu, 30 Sep 2021 04:53:20 -0400 Original-Received: from stw1.rcdrun.com ([217.170.207.13]:60411) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1mVroc-0000uN-LW for help-gnu-emacs@gnu.org; Thu, 30 Sep 2021 04:53:20 -0400 Original-Received: from localhost ([::ffff:41.75.188.156]) (AUTH: PLAIN admin, TLS: TLS1.3,256bits,ECDHE_RSA_AES_256_GCM_SHA384) by stw1.rcdrun.com with ESMTPSA id 0000000000037E55.0000000061557AFC.00000B72; Thu, 30 Sep 2021 01:53:15 -0700 Mail-Followup-To: "Felix E. Klee" , help-gnu-emacs@gnu.org Content-Disposition: inline In-Reply-To: <87y27eo9ja.fsf@inka.de> Received-SPF: pass client-ip=217.170.207.13; envelope-from=bugs@gnu.support; helo=stw1.rcdrun.com X-Spam_score_int: -18 X-Spam_score: -1.9 X-Spam_bar: - X-Spam_report: (-1.9 / 5.0 requ) BAYES_00=-1.9, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: help-gnu-emacs@gnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Users list for the GNU Emacs text editor List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: help-gnu-emacs-bounces+geh-help-gnu-emacs=m.gmane-mx.org@gnu.org Original-Sender: "help-gnu-emacs" Xref: news.gmane.io gmane.emacs.help:133415 Archived-At: * Felix E. Klee [2021-09-30 10:07]: > To generate a one time password, I would do in Bash: > > oathtool -b --totp `gpg -d secret.gpg` > > How do I do the equivalent in Eshell? > > I tried: > > oathtool -b --totp ${gpg -d secret.gpg} > > But that doesn’t work. Even the following doesn’t work: > > echo ${gpg -h} > > I expect GnuPG’s help text, but there’s no output. I understand what you mean, but personally I don't keep it a secret in my $HOME directory: - all of the /home is encrypted, and I decrypt it manually when starting a computer. I do not let it to operating system to attempt decrypting it and asking me for the password. In general, an intruder who gets my computer without my presence (and this did happen) does not need to know there is anything encrypted on computer. - when I decrypt partition, then I have passwords pretty much plain in ~/.passwords or in the database (again easily decrypted). Database is on encrypted partition too and is started upon decryption of $HOME, /tmp and swap partitions must be on randomly encrypted partitions. Email is not delivered in /var, it is fetched from Internet to $HOME. Then I keep the oath-keys in a list: (defvar oath-keys '(digitalocean "3O1MLC2RYJ5VRDHB" ces "N1YWQ5C3OEXCGWTNLNTUQ2J2FAQXGNTU" namecheap "TW1N5TRK22QOHELVGMBTARV74XYET6HH")) (defun call-process-to-string (program &optional infile display &rest args) (with-temp-buffer (apply #'call-process program infile t display args) (buffer-string))) (defun oath () (interactive) (let* ((key (rcd-choose (map-keys oath-keys) "OATH Service: ")) (result (call-process-to-string "oathtool" nil nil "-b" "--totp=sha1" (plist-get oath-keys (intern "ces")))) (result (string-trim result))) (message result) (kill-new result))) And I ask interactively for it with M-x oath However, the above function does NOT result with same key when I run it from Emacs and I would like to find out why. Maybe it uses different time, I cannot know, it still does not work. Somebody can help? Otherwise in shell, I keep those few authentications as alias, straight as following: alias totp-digitalocean='oathtool -b --totp=sha1 3O1MLC2RYJ5VRDHB' So I just run the alias and get the authentication key. -- Jean Take action in Free Software Foundation campaigns: https://www.fsf.org/campaigns In support of Richard M. Stallman https://stallmansupport.org/