Hi,

Trying again, with a quicker and better way to get the server's time.

On 6/06/2013 9:21 PM, Simon Josefsson wrote:
> Ilkka Virta <[email protected]> writes:
> 
>>> And there is also time zone confusion
>>> to take into account as another source of clock differences.
>>
>> It's all in UTC, so there shouldn't be any time zone confusion, unless
>> somebody is doing something really wrong, right?
> 
> Right.  I'm guessing it isn't completely uncommon if you have a wide
> variety of devices generating TOTPs (PCs, tablets, cell phones, etc).

I've got another idea.....


This will get the date/time from a server, Google in this instance:

curl -D- http://google.com 2>/dev/null| \
        grep ^Date|sed 's/^Date: //'|tr -d '\r\n'


I've used that to sync TOTP generation with oathtool on Debian Wheezy
like this:


#!/bin/bash

SECRET=my_base32_secret
SERVER_URL=http://google.com

while :
do
        # Take the current time from the server's HTTP Date header
        NOW=$(curl -D- "$SERVER_URL" 2>/dev/null| \
                grep ^Date|sed 's/^Date: //'|tr -d '\r\n')
        # Print server time, local time and the TOTP for the server's time
        echo "$NOW -- $(date) -- $( \
                /usr/bin/oathtool --totp -b -d 6 \
                        --now="$NOW" "$SECRET" \
        )"
        sleep 1
done



It's a bit kludgy, but it gives you an idea as to how we might add in
server specific results -- making sure to use THEIR time ... so the
result is always virtually in sync with the target server that the TOTP
will be used with.

Perhaps a parameter for the host to check time from.

What do you think?

Cheers

-- 
Kind Regards
AndrewM
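
Added example, not part of the original message and not oath-toolkit code: a POSIX sh sketch of the "use THEIR time" idea that extracts the Date header from the header block only, converts it to a 30-second TOTP step, and refuses a server time too far from the local clock. The function names, the 300-second limit and the sample response are assumptions made for illustration.

```sh
#!/bin/sh
# Added example; function names and the sample response are constructed.

# Print the Date header value from a raw HTTP response on stdin. Only the
# header block is searched (stop at the first blank line), the name is
# matched case-insensitively, and the trailing CR is removed.
http_date_header() {
    awk '{ sub(/\r$/, "") }
         $0 == "" { exit }
         tolower($0) ~ /^date:/ { sub(/^[^:]*:[ \t]*/, ""); print; exit }'
}

# Convert an RFC 1123 date to epoch seconds with integer arithmetic only
# (no dependence on GNU date -d). Fails on anything that is not in GMT form.
rfc1123_to_epoch() {
    awk -v s="$1" 'BEGIN {
        if (split(s, f, /[ ,:]+/) != 8 || f[8] != "GMT") exit 1
        m = index("JanFebMarAprMayJunJulAugSepOctNovDec", f[3])
        if (length(f[3]) != 3 || m == 0 || (m - 1) % 3 != 0) exit 1
        m = (m + 2) / 3; y = f[4] + 0; d = f[2] + 0
        if (m <= 2) { y--; m += 12 }   # treat Jan/Feb as months 13/14
        days = 365 * y + int(y / 4) - int(y / 100) + int(y / 400)
        days += int((153 * (m - 3) + 2) / 5) + d - 719469
        printf "%.0f\n", days * 86400 + f[5] * 3600 + f[6] * 60 + f[7]
    }'
}

# Print "<epoch> <30s step> <steps ahead of local>" for the server's time,
# or fail if it is more than max_skew seconds from the local clock: a Date
# header fetched over plain HTTP is unauthenticated, so bound its effect.
totp_time() {
    tt_skew=$(( $1 - $2 ))
    if [ "${tt_skew#-}" -gt "${3:-300}" ]; then return 1; fi
    echo "$1 $(( $1 / 30 )) $(( $1 / 30 - $2 / 30 ))"
}

# Constructed response: lower-case header name, plus a body line that a
# plain `grep ^Date` over the whole response would pick up instead.
SAMPLE_RESPONSE=$(printf '%s\r\n' 'HTTP/1.1 200 OK' \
    'date: Thu, 06 Jun 2013 11:21:05 GMT' '' 'Date of last update: unknown')

hdr=$(printf '%s' "$SAMPLE_RESPONSE" | http_date_header)
epoch=$(rfc1123_to_epoch "$hdr")
totp_time "$epoch" "$(( epoch - 47 ))"   # local clock 47 s behind (constructed)
```

The third field shows how many 30-second steps the local clock lags the server, which is the gap the --now option in the script above is closing.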

