Scroll to navigation

PASS-OTP(1) General Commands Manual PASS-OTP(1)

NAME

pass-otp - A pass(1) extension for managing one-time-password (OTP) tokens.

SYNOPSIS

pass otp [ COMMAND ] [ OPTIONS ]... [ ARGS ]...

DESCRIPTION

pass-otp extends the pass(1) utility with the otp command for adding OTP secrets, generating OTP codes, and displaying secret key URIs using the standard otpauth:// scheme.

If no COMMAND is specified, COMMAND defaults to code.

COMMANDS

Generate and print an OTP code from the secret key stored in pass-name using oathtool(1). If --clip or -c is specified, do not print the code but instead copy it to the clipboard using xclip(1) and then restore the clipboard after 45 (or PASSWORD_STORE_CLIP_TIME) seconds. This command is alternatively named show.

Prompt for and insert a new OTP secret into the password store at pass-name.

If --secret is specified, prompt for the secret value, assuming SHA1 algorithm, 30-second period, and 6 OTP digits. One or both of issuer and account must also be specified.

If --secret is not specified, prompt for a key URI; see the documentation at https://github.com/google/google-authenticator/wiki/Key-Uri-Format for the key URI specification.

The secret is consumed from stdin; specify --echo or -e to echo input when running this command interactively. If pass-name is not specified, convert the issuer:accountname URI label to a path in the form of isser/accountname. Prompt before overwriting an existing secret, unless --force or -f is specified. This command is alternatively named add.

Append an OTP secret to the password stored in pass-name, preserving any existing lines.

If --secret is specified, prompt for the secret value, assuming SHA1 algorithm, 30-second period, and 6 OTP digits. One or both of issuer and account must also be specified.

If --secret is not specified, prompt for a key URI; see the documentation at https://github.com/google/google-authenticator/wiki/Key-Uri-Format for the key URI specification.

The URI is consumed from stdin; specify --echo or -e to echo input when running this command interactively. Prompt before overwriting an existing secret, unless --force or -f is specified.

Print the key URI stored in pass-name to stdout. If --clip or -c is specified, do not print the URI but instead copy it to the clipboard using xclip(1) and then restore the clipboard after 45 (or PASSWORD_STORE_CLIP_TIME) seconds. If --qrcode or -q is specified, do not print the URI but instead display a QR code using qrencode(1) either to the terminal or graphically if supported.

Test a URI string for validity according to the Key Uri Format. For more information about this format, see the documentation at https://github.com/google/google-authenticator/wiki/Key-Uri-Format.

OPTIONS

Show usage message.

SEE ALSO

pass(1), qrencode(1), zbarimg(1)

AUTHORS

pass-otp was written by Tad Fisher.

COPYING

This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program. If not, see <http://www.gnu.org/licenses/>.

2017 March 19 Password store OTP extension