this post was submitted on 13 Nov 2024
26 points (100.0% liked)

Open Source

31220 readers
276 users here now

All about open source! Feel free to ask questions, and share news, and interesting stuff!

Useful Links

Rules

Related Communities

Community icon from opensource.org, but we are not affiliated with them.

founded 5 years ago
MODERATORS
[email protected]
[email protected]
[email protected]
[email protected]
26
2FA Apps for Linux Desktop? (lemmy.world)
submitted 2 days ago by [email protected] to c/[email protected]
15 comments fedilink hide all child comments
 

Hi. Basically, I'm asking for suggestions. Do you know any good 2FA app that works on linux desktop? I'm looking for something that I can use instead of Aegis, Google authenticator, or microsoft authenticator, but in my computer. Note: It'd be great if it is open source but I'm not closed to proprietary apps, as long as they work on linux

top 15 comments
sorted by: hot top controversial new old
[–] [email protected] 1 points 1 day ago* (last edited 1 day ago)

Assuming you had the secrets stored in a secrets.json file in your home directory in this format:

{
  "github": "github2FAsecretKey",
  "some_other_account": "2FAsecretKeyForSomeOtherAccount"
}

You could make a simple otp.py script and basic TOTP library to generate them in a script & copy them to clipboard:

#!/usr/bin/env python3

import json
from pyotp import TOTP
import os
from sys import argv

try:
  file = json.load(open(os.path.join('/home','username','secrets.json')))
  if len(argv) > 1:
    totp = TOTP(file[str(argv[1])])
    code = totp.now()
    cmd = 'cb cp $(echo %s | tr -d "\n")' % code
    os.system(cmd)
  else:
    print(f"Available args:\n  {'\n  '.join(list(file.keys()))}")
except Exception as e:
  print(f'Error in OTP: {e}')

Then you just alias otp='f() { $HOME/otp.py $1 };f' in your shell profile/rc and call it with e.g. otp some_other_account or just otp if you forget what key names you gave them to get a reminder list. Obviously you'd want to replace the JSON plaintext file load with an actual secret store if you're not a lazy madman. I am a lazy madman.

Edit: when I stop being lazy I will probably switch to that [email protected] suggestion below (pass + pass-otp extension).

[–] [email protected] 23 points 2 days ago

keepassxc has 2fa support

[–] [email protected] 15 points 2 days ago

Seconding KeePassXC. Has good browser integration too.

[–] [email protected] 7 points 2 days ago (1 children)

Ente Auth

[–] [email protected] 1 points 1 day ago

This and since many don't know if the sync option is optional aka you can also keep everything local is you want to

[–] [email protected] 9 points 2 days ago

OTP is built in to many password management applications. I use pass and the pass-otp extension.

You can also use OATH Toolkit’s oathtool(1).

[–] [email protected] 6 points 2 days ago

Bitwarden

[–] [email protected] 1 points 1 day ago

A chrome extension should do the trick

[–] [email protected] 1 points 2 days ago (1 children)

Another idea if you are willing to spend some money is to get a yubikey. Then the tokens are stored on a separate hardware key and it has great android and Linux apps to access codes

[–] [email protected] 4 points 1 day ago (1 children)

as long as you don't have more than 32 accounts

[–] [email protected] 1 points 1 day ago

There is a limitation on the amount of accounts? I didn't knew that and that sucks ...

[–] [email protected] 3 points 2 days ago

If you use Gnome and Flatpaks there is an app called Authenticator on Flathub

[–] [email protected] 2 points 2 days ago

Some great recommendations in here already. If you're looking for an OTP only UI: https://gitlab.gnome.org/World/Authenticator

[–] [email protected] 1 points 2 days ago

If you use KDE Plasma and want an app which looks like your other Qt apps: https://apps.kde.org/keysmith/

[–] [email protected] 1 points 2 days ago

What exactly do you want it to do? You can implement TOTP with a 10 line python script and I probably have a few of those kicking around. I've ended up doing that at least a couple of times.