gacli was created for used with google-authenticator. Thankfully, TOTP is
an open standard so gacli may have additional applications.
The ga command line utility provides convenient access to TOTP verification
codes:
usage: ga [-h] [-d] [-f FILE] Copy newline terminated TOTP verification code to Mac OS X clipboard. optional arguments: -h, --help show this help message and exit -d, --debug print debug information -f FILE, --file FILE Secret file The debug option continually prints verification codes instead of copying a single code to the clipboard.
This application assumes you have secured your local computer disk or
filesystem encryption. gacli is only safe with encryption:
- OS X: About FileVault 2
- EncryptedFilesystems - Community Ubuntu Documentation
- GnuPG
- GPGSuite (GnuPG for Mac OS X)
Choose either of the following installation methods:
- Simple Global
- VirtualEnv and User Bin (recommended)
Please consider, again, using the VirtualEnv and User Bin method
Install the pip python module, if you have not already done so.
Install the gacli python module:
sudo pip install gacli
This installation method has the following requirements:
- Your
PATHincludes~/bin - virtualenv Python module is installed
- virtualenvwrapper Python module is installed
Installation:
Create a new gacli virtualenv and install the gacli python module:
mkvirtualenv -i gacli gacli
Symlink
gato home bin:ln -s $(which ga) ~/bin/
See Security
Copy the secret key from the first line of your
.google_authenticatorand put in~/.gaChange permissions:
chmod 0400 ~/.ga
Encrypt secret file:
cat ~/.ga | gpg -aes -r EMAIL > .ga.gpg
Delete unencrypted secret file:
rm ~/.ga
Add an alias to your
.bashrc:alias gad='gpg -qd ~/.ga.gpg | ga -f -'
- mac-ssh-confirm: Protect against SSH Agent Hijacking on Mac OS X with the ability to confirm agent identities prior to each use
- Linux or Mac OS X
- Linux utilizes
xcliporxsel. - Mac OS X utilizes
pbcopy
- Linux utilizes
- onetimepass
- LICENSE (Expat License/MIT License)