2FA (Two-Factor Authentication) application for CLI terminal with support to import/export andOTP files.
zauth is a 2FA (Two-Factor Authentication) application for terminal written in Go.
If you would like any other app to be supported, please create an issue and (if possible) provide an unencrypted sample backup file. Of course I am accepting pull requests as well :)
$ go install github.com/grijul/zauth@latest
By default, zauth stores it entries in $HOME/.zauth
directory.
zauth can be installed using docker as well. Running the following command pulls zauth image and runs zauth -h
command.
$ docker run grijul/zauth:latest zauth -h
You can bind container's /root/.zauth
directory to your host's $HOME/.zauth
directory to use zauth.json from your host system. Something like this should work:
$ docker run -v $HOME/.zauth:/root/.zauth zauth:latest zauth
Important Note: There is only 1 docker image with latest
tag on docker hub. Since there is no release cycle (as of now), I manually have to update the docker image whenever there are new commits. So the image is subject to be outdated and may not contain latest changes/fixes. I will try to update the image as frequently as possible.
If latest changes are desired, you can build docker image from source (it's easier than it sounds).
Clone repository and cd into dir
$ git clone https://github.com/grijul/zauth.git && cd zauth
Build using go build
command
$ go build .
Clone repository and cd into dir
$ git clone https://github.com/grijul/zauth.git && cd zauth
Build docker image
$ docker build -t zauth:latest .
Run docker image
$ docker run zauth:latest zauth -h
Print OTP
$ zauth
If zauth.json file exists, corresponding entries will be printed. Else the above command will give a file not found
error.
This will simply print zauth entries with OTP and exit.
If you wish to watch zauth entries update every second, you can use watch
command.
$ watch -n1 zauth
Add new entry
$ zauth entry -new
A prompt will be displayed to capture necessary details (secret, issuer, etc..).
List entries
$ zauth entry -list
Import decrypted file
$ zauth import -file <import_file> -type <import_type>
-file
flag tells zauth which file to import
-type
flag tells zauth what type of file is being imported (supported files)
Import encrypted file
$ zauth import -file <import_file> -type <import_type> -decrypt
-decrypt
flag tells zauth that import file is encrypted, and prompts user for decryption password. If not provided, files are assumed to be decrypted.
Import file (entries are overwritten)
$ zauth import -file <import_file> -type <import_type> -overwrite
-overwrite
flag overwrites existing entries with new entries. If not provided, entries are appended.
Export file
$ zauth export -type <export_type> -encrypt
-encrypt
flag tells zauth that exported file should be encrypted. If not provided, exported file is decrypted.
The file exported (encrypted/decrypted) is compatible with export_type
app. This means user should be able to import this exported file back to export_type
app.
-type=andotp
]-type=andotp
]Feel free to get in touch with me via Twitter or Email.