Man page - pass-otp(1)
Packages contains this manual
Manual
PASS-OTP
NAMESYNOPSIS
DESCRIPTION
COMMANDS
OPTIONS
EXAMPLES
SEE ALSO
AUTHORS
COPYING
NAME
pass-otp - A pass (1) extension for managing one-time-password (OTP) tokens.
SYNOPSIS
pass otp [ COMMAND ] [ OPTIONS ]... [ ARGS ]...
DESCRIPTION
pass-otp extends the pass (1) utility with the otp command for adding OTP secrets, generating OTP codes, and displaying secret key URIs using the standard otpauth:// scheme.
If no COMMAND is specified, COMMAND defaults to code .
COMMANDS
otp code [ --clip , -c ] pass-name
Generate and print an OTP code from the secret key stored in pass-name using oathtool (1). If --clip or -c is specified, do not print the code but instead copy it to the clipboard using xclip (1) and then restore the clipboard after 45 (or PASSWORD_STORE_CLIP_TIME ) seconds. This command is alternatively named show .
otp insert
[
--force
,
-f
] [
--echo
,
-e
] [ [
--secret
,
-s
] [
--issuer
,
-i issuer
] [
--account
,
-a
account
] ] [
pass-name
]
Prompt for and insert a new OTP secret into the password store at pass-name .
If --secret is specified, prompt for the secret value, assuming SHA1 algorithm, 30-second period, and 6 OTP digits. One or both of issuer and account must also be specified.
If --secret is not specified, prompt for a key URI; see the documentation at https://github.com/google/google-authenticator/wiki/Key-Uri-Format for the key URI specification.
The secret is consumed from stdin; specify --echo or -e to echo input when running this command interactively. If pass-name is not specified, convert the issuer:accountname URI label to a path in the form of isser/accountname . Prompt before overwriting an existing secret, unless --force or -f is specified. This command is alternatively named add .
otp append
[
--force
,
-f
] [
--echo
,
-e
] [ [
--secret
,
-s
] [
--issuer
,
-i issuer
] [
--account
,
-a
account
] ]
pass-name
Append an OTP secret to the password stored in pass-name , preserving any existing lines.
If --secret is specified, prompt for the secret value, assuming SHA1 algorithm, 30-second period, and 6 OTP digits. One or both of issuer and account must also be specified.
If --secret is not specified, prompt for a key URI; see the documentation at https://github.com/google/google-authenticator/wiki/Key-Uri-Format for the key URI specification.
The URI is consumed from stdin; specify --echo or -e to echo input when running this command interactively. Prompt before overwriting an existing secret, unless --force or -f is specified.
otp uri [ --clip , -c | --qrcode , -q ] pass-name
Print the key URI stored in pass-name to stdout. If --clip or -c is specified, do not print the URI but instead copy it to the clipboard using xclip (1) and then restore the clipboard after 45 (or PASSWORD_STORE_CLIP_TIME ) seconds. If --qrcode or -q is specified, do not print the URI but instead display a QR code using qrencode (1) either to the terminal or graphically if supported.
otp validate uri
Test a URI string for validity according to the Key Uri Format. For more information about this format, see the documentation at https://github.com/google/google-authenticator/wiki/Key-Uri-Format .
OPTIONS
help , -h , --help
Show usage message.
EXAMPLES
Insert new OTP seed
$ pass otp insert totp-secret
For totp the secret will be in the format:
otpauth://totp/totp-secret?secret=AAAAAAAAAAA&issuer=totp-secret
To use your webcam to scan a QR code
$ zbarcam -q --raw | pass otp insert totp-secret
To use your webcam to append to an existing passfile
$ zbarimg -q --raw
google-qrcode.png | pass otp append google/example@gmail.com
If you have a clipboard management console tool such as
โwl-clipboardโ for Wayland installed, you can
also select "Copy Image" in your favorite browser
and run
$ wl-paste | zbarimg -q --raw - | pass otp append
google/example@gmail.com
Generate a 2FA code using seed
$ pass otp totp-secret
Display a QR code for an OTP token:
$ pass otp uri -q totp-secret
SEE ALSO
pass (1), qrencode (1), zbarimg (1)
AUTHORS
pass-otp was written by Tad Fisher .
COPYING
This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with this program. If not, see <http://www.gnu.org/licenses/>.