Andrew McGlashan <[email protected]> writes: > Hi, > > > Simpler again ;) > - no sed, no tr, no /dev/null redirection > > > #!/bin/bash > > SECRET=my_base32_secret > SERVER_URL=http://google.com > > while : > do > NOW=$(curl -Is $SERVER_URL|grep ^Date:\ ) > > # strip first 6 characters (Date: ) & the new line (\n) > NOW=${NOW:6:-1} > echo "$NOW -- $(date) -- $( \ > /usr/bin/oathtool --totp -b -d 6 \ > --now="$NOW" $SECRET \ > )" > sleep 1 > done
Nice snippet. Note that since you used HTTP a man-in-the-middle may replace the time value fetched from the server to make this script return OATH codes for other than the current time. /Simon
signature.asc
Description: PGP signature
