@leophys
Last active October 6, 2020 20:40
Migrate from Aegis App to password store

From Aegis to pass

Aegis is a nice Android app to manage OTP tokens. pass is the password manager for *nix systems. I know that the whole point of the two-factor authentication philosophy is to physically separate the bearers of authentication information, but the lifetime of my physical devices is quite random, so WHATEVER: I concocted this procedure to copy the OTP passwords from Aegis to pass.

First: extract the PLAINTEXT secrets from aegis

In Aegis, click on the three dots in the upper right corner, then go to Settings. Scroll to the end and select Export. Uncheck Keep the vault encrypted: we need the plain JSON. Choose a location to save the file.

Share the file to your computer

THE SECRETS ARE IN PLAIN TEXT: DO NOT PASS THEM OVER INSECURE CHANNELS

I suggest using adb pull.

Second: import the secrets in pass

You'll need pass and the pass-otp extension. Then use this script:

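#!/usr/bin/env bash

# The form of the url is the following:
# otpauth://totp/${email}?secret=${secret}&issuer=${issuer}

if [ ! -f "${1}" ]; then
    echo "Provide an input file" >&2
    exit 1
fi

# jq -r prints one raw (unquoted) URL per entry; reading line by line keeps
# names and issuers that contain spaces in one piece.
while IFS= read -r otpauth; do
    # Derive the pass path <issuer>/<name> from the URL.
    path=otp/$(echo "${otpauth}" | sed -e 's|otpauth://[a-z]\+/\(.*\)?secret=.*&issuer=\(.*\)|\2/\1|')
    # The URL (and so the secret) goes to pass on stdin, not on the command line.
    pass otp insert "${path}" < <(echo "${otpauth}")
done < <(jq -r '.db.entries[] | "otpauth://" + .type + "/" + .name + "?secret=" + .info.secret + "&issuer=" + .issuer' "${1}")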

It needs the JSON with the secrets we discussed above. It organizes the secrets in the following fashion:

otp/<issuer>/<email>

Namely, a secret OTP from Google to my.name@gmail.com will have the form

otp/Google/my.name@gmail.com

To get the OTP, just run

pass otp otp/Google/my.name@gmail.com
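
The script above concatenates the raw name and issuer into the URL and then parses the path back out of it, so a `/`, `&` or `?` in either field can change the URL's structure or the resulting pass path. As an added example (not part of the original gist), these helpers percent-encode the two free-text fields and build `otp/<issuer>/<name>` from the raw values; the function names and the `_` placeholder for an empty issuer are assumptions of this example.

```bash
#!/usr/bin/env bash
# Added example, not the gist author's code. Function names and the "_"
# placeholder are choices made for this example.

# Percent-encode every byte except RFC 3986 unreserved characters and "@",
# so a space, "&", "?" or "/" in a name or issuer cannot alter the URI.
urlencode() {
    local LC_ALL=C s out rest c
    s=$1 out=''
    while [ -n "$s" ]; do
        rest=${s#?}        # the string without its first byte
        c=${s%"$rest"}     # the first byte
        case $c in
            [A-Za-z0-9._~@-]) out=$out$c ;;
            *) out=$out$(printf '%%%02X' "'$c") ;;
        esac
        s=$rest
    done
    printf '%s' "$out"
}

# Make a field usable as ONE component of a pass path: "/" becomes "_",
# control characters are dropped, and an empty, "." or ".." value becomes "_".
path_component() {
    local v
    v=$(printf '%s' "$1" | tr '/' '_' | tr -d '\000-\037')
    case $v in
        ''|.|..) v=_ ;;
    esac
    printf '%s' "$v"
}

# otpauth://<type>/<name>?secret=<secret>&issuer=<issuer>, one line on stdout.
otp_uri() {    # usage: otp_uri TYPE NAME SECRET ISSUER
    printf 'otpauth://%s/%s?secret=%s&issuer=%s\n' \
        "$1" "$(urlencode "$2")" "$3" "$(urlencode "$4")"
}

# otp/<issuer>/<name>, built from the raw fields rather than parsed from the URI.
otp_path() {   # usage: otp_path NAME ISSUER
    printf 'otp/%s/%s\n' "$(path_component "$2")" "$(path_component "$1")"
}

# Demo with constructed values (sample secret, not a real one).
otp_path 'my.name@gmail.com' 'Amazon Web Services'
otp_uri totp 'my.name@gmail.com' 'JBSWY3DPEHPK3PXP' 'Amazon Web Services'
# In the import loop:  otp_uri ... | pass otp insert "$(otp_path ...)"
```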