RL> Is there a howto on this? (I can try searching from minneapolis if you haven't RL> got one handy, I'm a bit scrunched packing out my hotel room in tokyo just now.)
no. i called 'eix totp' to see whar gentoo packaged with the name totp (akin to apt search totp). the ebuild for app-crypt/totp-cli-bin recommended app-admin/keepassxc for a better option, but the gui version failed to run with a qt version conflict i've yet to diagnose, so i just used totp-cli.. RL> Devuan Bronchitis has keepassxc but not totp anything. on ceres i see keepassxc-full, keepassxc-minimal and transitional packages named keepassxc. i have not investigated the differences. RL> (The laptop with Devuan RL> Dermatitis isn't set up at the moment.) Is that the same as RL> https://github.com/WhyNotHugo/totp-cli (which says it's a pip install...) the ebuild i used specifies https://github.com/yitsushi/totp-cli as the homepage. one is likely a fork of the other. with totp-cli-bin it was a matter of running: totp-cli-bin add totp-cli-bin g github my_gh_id and follow the prompts. the 1st arg to g is the namespaced i specified when add prompted for it, and IIRC the second was also a string for which add prompted. the token string gh specified was also entered at one of add's prompts. >> keepassxc/stable RL> It says it's a password manager, is that the same as totp-cli? all i know for sure is that to totp-cli-bin ebuild writes this after installing: "For a more mature TOTP you can try app-admin/keepassxc, cli included" RL> P.S. I have no idea how "enter a unix time from the command line and this will RL> generate a code way in the future" is supposed to be more secure. Somebody with RL> 15 seconds access to my laptop could generate one for 3am a week from now and RL> log in at the specified time. Reading the setup, there's a shared key in RL> plaintext extractable from the github config. That's JUST TWO PASSWORDS, they're RL> merely obfuscating one of them slightly... yes, just more makework, what they ought to do if they actually cared would be an api over ssh -- using ed25519 or future pq keys -- to do anything rw, rather than screwing around with http nonsense. but of course they wont. -JimC -- James Cloos <cl...@jhcloos.com> OpenPGP: https://jhcloos.com/0x997A9F17ED7DAEA6.asc _______________________________________________ Toybox mailing list Toybox@lists.landley.net http://lists.landley.net/listinfo.cgi/toybox-landley.net
