diff options
author | Tad Fisher <tadfisher@gmail.com> | 2017-03-20 10:01:26 -0700 |
---|---|---|
committer | GitHub <noreply@github.com> | 2017-03-20 10:01:26 -0700 |
commit | 310322fdeee57330e92afdf0810ac5200163d08d (patch) | |
tree | 262111fc810123e3b0123b5e19a0219a54b8639d /pass-otp.1 | |
parent | db2baf62a27d5a657d0477d928f21a739981dc46 (diff) | |
parent | d9c681a8fbb70d40e14079e5f1a8b4aaee0b0d08 (diff) |
Merge pull request #17 from tadfisher/key-uri
Handle OTP key URIs
Diffstat (limited to 'pass-otp.1')
-rw-r--r-- | pass-otp.1 | 82 |
1 files changed, 32 insertions, 50 deletions
@@ -1,4 +1,4 @@ -.TH PASS-OTP 1 "2017 February 14" "Password store OTP extension" +.TH PASS-OTP 1 "2017 March 19" "Password store OTP extension" .SH NAME pass-otp - A \fBpass\fP(1) extension for managing one-time-password (OTP) tokens. @@ -23,45 +23,39 @@ utility with the command for adding OTP secrets, generating OTP codes, and displaying secret key URIs using the standard \fIotpauth://\fP scheme. -If no COMMAND is specified, COMMAND defaults to \fBshow\fP. +If no COMMAND is specified, COMMAND defaults to \fBcode\fP. .SH COMMANDS .TP -\fBotp show\fP [ \fI--clip\fP, \fI-c\fP ] \fIpass-name\fP +\fBotp code\fP [ \fI--clip\fP, \fI-c\fP ] \fIpass-name\fP -Generate and print an OTP code from the secret key stored in \fIpass-name\fP. If -\fI--clip\fP or \fI-c\fP is specified, do not print the code but instead copy it to the clipboard using -.BR xclip (1) +Generate and print an OTP code from the secret key stored in \fIpass-name\fP +using \fBoathtool\fP(1). If \fI--clip\fP or \fI-c\fP is specified, do not print +the code but instead copy it to the clipboard using \fBxclip\fP(1) and then restore the clipboard after 45 (or \fIPASSWORD_STORE_CLIP_TIME\fP) -seconds. +seconds. This command is alternatively named \fBshow\fP. .TP -\fBotp insert totp\fP [ \fI--secret\fP=\fIkey\fP, \fI-s\fP \fIkey\fP ] [ \fI--algorithm\fP=\fIalgorithm\fP, \fI-a\fP \fIalgorithm\fP ] [ \fI--period\fP=\fIperiod\fP, \fI-p\fP \fIperiod\fP ] [ \fI--digits\fP=\fIdigits\fP, \fI-d\fP \fIdigits\fP ] [ \fI--force\fP, \fI-f\fP ] \fIpass-name\fP - -Insert a new TOTP secret into the password store called \fIpass-name\fP. If -\fI--secret\fP or \fI-s\fP are not specified, this will read \fIKEY\fP from -standard in. Prompt before overwriting an existing password, unless +\fBotp insert\fP [ \fI--force\fP, \fI-f\fP ] [ \fI--echo\fP, \fI-e\fP ] [ \fIuri\fP ] \fIpass-name\fP + +Insert a new OTP secret specified by \fIuri\fP into the password store at +\fIpass-name\fP. \fIuri\fP must be formatted according to the Key Uri Format; +see the documentation at +.UR https://\:github.\:com/\:google/\:google-authenticator/\:wiki/\:Key-Uri-Format +.UE . +If \fIuri\fP is not specified, it will be consumed from stdin; specify +\fI--echo\fP or \fI-e\fP to show a visible prompt when running this command +interactively. Prompt before overwriting an existing password, unless \fI--force\fP or \fI-f\fP is specified. This command is alternatively named -\fBadd totp\fP. +\fBadd\fP. .TP -\fBotp insert hotp\fP [ \fI--secret\fP=\fIkey\fP, \fI-s\fP \fIkey\fP ] [ \fI--digits\fP=\fIdigits\fP, \fI-d\fP \fIdigits\fP ] [ \fI--force\fP, \fI-f\fP ] \fIpass-name\fP \fIcounter\fP +\fBotp uri\fP [ \fI--clip\fP, \fI-c\fP | \fI--qrcode\fP, \fI-q\fP ] \fIpass-name\fP -Insert a new HOTP secret into the password store called \fIpass-name\fP. A -\fIcounter\fP argument is required, which is an integer specifying the initial -HOTP counter stored alongside the secret. If -\fI--secret\fP or \fI-s\fP are not specified, this will read \fIKEY\fP from -standard in. Prompt before overwriting an existing password, unless -\fI--force\fP or \fI-f\fP is specified. This command is alternatively named -\fBadd hotp\fP. - -.TP -\fBotp uri\fP [ \fI--clip\fP, \fI-c\fP | \fI--qrcode\fP, \fI-q\fP ] pass-name - -Create and print a URI encoding the secret key and OTP parameters using the -standard \fIotpauth://\fP scheme. If \fI--clip\fP or \fI-c\fP is specified, do -not print the URI but instead copy it to the clipboard using +Print the key URI stored in \fIpass-name\fP to stdout. If \fI--clip\fP or +\fI-c\fP is specified, do not print the URI but instead copy it to the clipboard +using .BR xclip (1) and then restore the clipboard after 45 (or \fIPASSWORD_STORE_CLIP_TIME\fP) seconds. If \fI--qrcode\fP or \fI-q\fP is specified, do not print the URI but @@ -69,6 +63,14 @@ instead display a QR code using .BR qrencode (1) either to the terminal or graphically if supported. +.TP +\fBotp validate\fP \fIuri\fP + +Test a URI string for validity according to the Key Uri Format. For more +information about this format, see the documentation at +.UR https://\:github.\:com/\:google/\:google-authenticator/\:wiki/\:Key-Uri-Format +.UE . + .SH OPTIONS .TP @@ -77,30 +79,10 @@ Put the OTP code in the clipboard. .TP \fB\-f\fP, \fB--force\fP -Force to update and do not wait for user instruction. - -.TP -\fB-s\fP \fIkey\fP, \fB--secret\fR=\fIkey\fP -Provide a secret \fIkey\fP. This key must be base32-encoded. - -.TP -\fB-a\fP \fIalgorithm\fP, \fB--algorithm\fP=\fIalgorithm\fP -Specify the \fIalgorithm\fP for a TOTP secret. Accepted values are \fIsha1\fP, -\fIsha256\fP, and \fIsha512\fP. This option defaults to \fIsha1\fP. - -.TP -\fB-p\fP \fIperiod\fP, \fB--period\fP=\fIperiod\fP -Specify the \fIperiod\fP for a TOTP secret, in seconds. This option defaults to -\fI30\fP. - -.TP -\fB-d\fP \fIdigits\fP, \fB--digits\fP=\fIdigits\fP -Specify the number of \fIdigits\fP this secret should generate when used with -\fBshow\fP. Accepted values are \fI6\fP and \fI8\fP. This option defaults to -\fI6\fP. +Force update and do not wait for user instruction. .TP -\fB\-h\fB, \-\-help\fR +\fBhelp\fP, \fB\-h\fB, \-\-help\fR Show usage message. .SH SEE ALSO |