141 lines
4.7 KiB
Groff
141 lines
4.7 KiB
Groff
.TH PASS-OTP 1 "2017 March 19" "Password store OTP extension"
|
|
|
|
.SH NAME
|
|
pass-otp - A \fBpass\fP(1) extension for managing one-time-password (OTP) tokens.
|
|
|
|
.SH SYNOPSIS
|
|
.B pass otp
|
|
[
|
|
.I COMMAND
|
|
] [
|
|
.I OPTIONS
|
|
]... [
|
|
.I ARGS
|
|
]...
|
|
|
|
.SH DESCRIPTION
|
|
|
|
.B pass-otp
|
|
extends the
|
|
.BR pass (1)
|
|
utility with the
|
|
.B otp
|
|
command for adding OTP secrets, generating OTP codes, and displaying secret key
|
|
URIs using the standard \fIotpauth://\fP scheme.
|
|
|
|
If no COMMAND is specified, COMMAND defaults to \fBcode\fP.
|
|
|
|
.SH COMMANDS
|
|
|
|
.TP
|
|
\fBotp code\fP [ \fI--clip\fP, \fI-c\fP ] [ \fI--quiet\fP, \fI-q\fP ] \fIpass-name\fP
|
|
|
|
Generate and print an OTP code from the secret key stored in \fIpass-name\fP
|
|
using \fBoathtool\fP(1). If \fI--clip\fP or \fI-c\fP is specified, do not print
|
|
the code but instead copy it to the clipboard using \fBxclip\fP(1)
|
|
and then restore the clipboard after 45 (or \fIPASSWORD_STORE_CLIP_TIME\fP)
|
|
seconds. If \fI--quiet\fP or \fI-q\fP is specified, do not print
|
|
the git update message to standard out. This command is alternatively named
|
|
\fBshow\fP.
|
|
|
|
.TP
|
|
\fBotp insert\fP [ \fI--force\fP, \fI-f\fP ] [ \fI--echo\fP, \fI-e\fP ] \
|
|
[ [ \fI--secret\fP, \fI-s\fP ] [ \fI--issuer\fP, \fI-i\fP \fIissuer\fP ] \
|
|
[ \fI--account\fP, \fI-a\fP \fIaccount\fP ] [ \fI--path\fP, \fI-p\fP \fIpath-name\fP ] ] \
|
|
[ \fIpass-name\fP ]
|
|
|
|
Prompt for and insert a new OTP secret into the password store at
|
|
\fIpass-name\fP.
|
|
|
|
If \fI--secret\fP is specified, prompt for the \fIsecret\fP value, assuming SHA1
|
|
algorithm, 30-second period, and 6 OTP digits. One or both of \fIissuer\fP and
|
|
\fIaccount\fP must also be specified.
|
|
|
|
If \fI--secret\fP is not specified, prompt for a key URI; see the documentation at
|
|
.UR https://\:github.\:com/\:google/\:google-authenticator/\:wiki/\:Key-Uri-Format
|
|
.UE
|
|
for the key URI specification.
|
|
|
|
The secret is consumed from stdin; specify \fI--echo\fP or \fI-e\fP to echo input
|
|
when running this command interactively. If \fIpass-name\fP is not specified,
|
|
convert the \fIissuer:accountname\fP URI label to a path in the form of
|
|
\fIissuer/accountname\fP. Prompt before overwriting an existing secret, unless
|
|
\fI--force\fP or \fI-f\fP is specified. This command is alternatively named
|
|
\fBadd\fP.
|
|
|
|
\fI--path\fP specifies a path prefix to the generated path from the URI label.
|
|
|
|
.TP
|
|
\fBotp append\fP [ \fI--force\fP, \fI-f\fP ] [ \fI--echo\fP, \fI-e\fP ] \
|
|
[ [ \fI--secret\fP, \fI-s\fP ] [ \fI--issuer\fP, \fI-i\fP \fIissuer\fP ] \
|
|
[ \fI--account\fP, \fI-a\fP \fIaccount\fP ] ] \fIpass-name\fP
|
|
|
|
Append an OTP secret to the password stored in \fIpass-name\fP, preserving any
|
|
existing lines.
|
|
|
|
If \fI--secret\fP is specified, prompt for the \fIsecret\fP value, assuming SHA1
|
|
algorithm, 30-second period, and 6 OTP digits. One or both of \fIissuer\fP and
|
|
\fIaccount\fP must also be specified.
|
|
|
|
If \fI--secret\fP is not specified, prompt for a key URI; see the documentation at
|
|
.UR https://\:github.\:com/\:google/\:google-authenticator/\:wiki/\:Key-Uri-Format
|
|
.UE
|
|
for the key URI specification.
|
|
|
|
The URI is consumed from stdin; specify \fI--echo\fP or \fI-e\fP to echo input
|
|
when running this command interactively. Prompt before overwriting an existing
|
|
secret, unless \fI--force\fP or \fI-f\fP is specified.
|
|
|
|
.TP
|
|
\fBotp uri\fP [ \fI--clip\fP, \fI-c\fP | \fI--qrcode\fP, \fI-q\fP ] \fIpass-name\fP
|
|
|
|
Print the key URI stored in \fIpass-name\fP to stdout. If \fI--clip\fP or
|
|
\fI-c\fP is specified, do not print the URI but instead copy it to the clipboard
|
|
using
|
|
.BR xclip (1)
|
|
and then restore the clipboard after 45 (or \fIPASSWORD_STORE_CLIP_TIME\fP)
|
|
seconds. If \fI--qrcode\fP or \fI-q\fP is specified, do not print the URI but
|
|
instead display a QR code using
|
|
.BR qrencode (1)
|
|
either to the terminal or graphically if supported.
|
|
|
|
.TP
|
|
\fBotp validate\fP \fIuri\fP
|
|
|
|
Test a URI string for validity according to the Key Uri Format. For more
|
|
information about this format, see the documentation at
|
|
.UR https://\:github.\:com/\:google/\:google-authenticator/\:wiki/\:Key-Uri-Format
|
|
.UE .
|
|
|
|
.SH OPTIONS
|
|
|
|
.TP
|
|
\fBhelp\fP, \fB\-h\fP, \fB\-\-help\fP
|
|
Show usage message.
|
|
|
|
.SH SEE ALSO
|
|
.BR pass (1),
|
|
.BR qrencode (1),
|
|
.BR zbarimg (1)
|
|
|
|
.SH AUTHORS
|
|
.B pass-otp
|
|
was written by
|
|
.MT tadfisher@gmail.com
|
|
Tad Fisher
|
|
.ME .
|
|
|
|
.SH COPYING
|
|
This program is free software: you can redistribute it and/or modify
|
|
it under the terms of the GNU General Public License as published by
|
|
the Free Software Foundation, either version 3 of the License, or
|
|
(at your option) any later version.
|
|
|
|
This program is distributed in the hope that it will be useful,
|
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
GNU General Public License for more details.
|
|
|
|
You should have received a copy of the GNU General Public License
|
|
along with this program. If not, see <https://www.gnu.org/licenses/>.
|