Can I generate a 2FA code at the command line? #956
-
|
Hello, when you log in into your GitHub account you'll need a 6 digit code or some other way of authentication. GitHub recommends to use a TOTP app for two-factor authentication. GitHub writes in the documentation that these apps can be downloaded to your mobile phone, computer or web browser. So I've been putting this off for a long time. From the TOTP apps I tested I liked Step Two for Mac and iPhone. I would like to have something similar at the command line, for example when I don't have a mobile phone next to me. Thanks in advance for recommendations. |
Beta Was this translation helpful? Give feedback.
Replies: 2 comments
-
|
I'm assuming you've already found this, but it makes a pretty decent impression on me: https://github.com/pcarrier/gauth |
Beta Was this translation helpful? Give feedback.
-
|
Here is an example file <?php
// TOTP token generator for the command line, https://github.com/datenstrom
// This will generate a 6 digit code used for two-factor authentication (2FA).
// A token is only valid for 30 seconds, then a new one must be generated.
const VERSION = "0.8.15";
// Configure secret keys, for example for a service such as GitHub or Google
if (PHP_SAPI=="cli") {
echo generateHeading();
echo generateToken("Example", "JBSWY3DPEHPK3PXP");
} else {
echo "Run at the command line!\n";
}
// Return heading with remaining time
function generateHeading($period = 30) {
$timeleft = $period - (time() % $period);
return "TOTP token generator. Updating in $timeleft seconds...\n";
}
// Return token, the required parameters are a label and a secret key
function generateToken($label, $secret, $period = 30, $digits = 6) {
$dataDecoded = "";
$dataBuffer = str_replace(" ", "", strtoupper($secret));
$dataBufferSize = strlen($dataBuffer);
$base32Chars = "ABCDEFGHIJKLMNOPQRSTUVWXYZ234567";
for ($value=$bits=$pos=0; $pos<$dataBufferSize; ++$pos) {
$value = $value<<5;
$value = $value + stripos($base32Chars, $dataBuffer[$pos]);
$bits += 5;
if ($bits >= 8) {
$bits -= 8;
$dataDecoded .= chr(($value & (0xff<<$bits))>>$bits);
}
}
$timestamp = floor(time() / $period);
$counterPacked = pack("J", $timestamp);
$hash = hash_hmac("sha1", $counterPacked, $dataDecoded, true);
$offset = ord($hash[19]) & 0xf;
$totp =
((ord($hash[$offset+0]) & 0x7f)<<24) |
((ord($hash[$offset+1]) & 0xff)<<16) |
((ord($hash[$offset+2]) & 0xff)<<8) |
((ord($hash[$offset+3]) & 0xff));
$totp = $totp % pow(10, $digits);
$totp = str_pad($totp, $digits, "0", STR_PAD_LEFT);
return "$label $totp\n";
}Configure multiple secret keys in the file: echo generateHeading();
echo generateToken("Example ", "JBSWY3DPEHPK3PXP");
echo generateToken("GitHub/anna", "EXFOAGW5ML3K3PXP");
echo generateToken("Google/anna", "AOLKUATNZIKK3PXP");Generate TOTP tokens at the command line: Hope it helps. |
Beta Was this translation helpful? Give feedback.
Here is an example file
totp.php. It's a minimal TOTP token generator in a few lines of PHP. No special libraries required, only PHP must be installed on your system. Unfortunately I couldn't find a Base32 decode in the built-in PHP functions, so this was the shortest solution I came up with. You can configure your secret keys in the file. The required parameters are a label and a secret key.