
gauth's Introduction


gauth: replace Google Authenticator

Installation

With a Go environment already set up, it should be as easy as go install github.com/pcarrier/gauth@latest.

E.g., with GOPATH=$HOME/go (its default), it will create a binary at $HOME/go/bin/gauth.

Usage

  • In web interfaces, pretend you can't read QR codes; you will get a secret like hret 3ij7 kaj4 2jzg instead.

  • Store one secret per line in ~/.config/gauth.csv, in the format name:secret. For example:

      AWS:   ABCDEFGHIJKLMNOPQRSTUVWXYZ234567ABCDEFGHIJKLMNOPQRSTUVWXYZ234567
      Airbnb:abcd efgh ijkl mnop
      Google:a2b3c4d5e6f7ghij
      Github:234567qrstuvwxyz
      otpauth://totp/testOrg:testuser?secret=AAAQEAYEAUDAOCAJ======&issuer=testOrg&algorithm=SHA512&digits=8&period=30
    
  • Restrict access to your user:

      $ chmod 600 ~/.config/gauth.csv
    
  • Run gauth. The progress bar indicates how far away the next code change is.

      $ gauth
                 prev   curr   next
      AWS        315306 135387 483601
      Airbnb     563728 339206 904549
      Google     453564 477615 356846
      Github     911264 548790 784099
      [=======                      ]
    
  • Run gauth KEYNAME to print a specific key with progress bar.

  • Run gauth KEYNAME -b to print a bare current key.

      $ gauth Google -b
      477615
    
  • Run gauth KEYNAME -s to retrieve an account's secret from the config.

      $ gauth Google -s
      your_secret_for_google
    
  • gauth is convenient to use in watch.

      $ watch -n1 gauth
    
  • Remember to keep your system clock synchronized and to lock your computer when brewing your tea!

  • If you find yourself needing to interpret a QR code (e.g. exporting a code from an existing Google Authenticator setup, on a phone to which you do not have root access), then gauthQR may be useful.
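
As an added example (not gauth's own code), the following Go program shows how a name:secret line from gauth.csv turns into the prev/curr/next columns. It assumes the TOTP defaults (HMAC-SHA1, 6 digits, 30-second period) and does not handle otpauth:// lines; the function names and the sample entry are illustrative.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha1"
	"encoding/base32"
	"encoding/binary"
	"fmt"
	"strings"
	"time"
)

// parseLine splits a "name:secret" entry and normalises the secret as typed
// by a human: whitespace removed, upper-cased, "=" padding restored.
func parseLine(line string) (string, []byte, error) {
	parts := strings.SplitN(line, ":", 2)
	if len(parts) != 2 {
		return "", nil, fmt.Errorf("entry has no ':' separator")
	}
	s := strings.TrimRight(strings.ToUpper(strings.Join(strings.Fields(parts[1]), "")), "=")
	if r := len(s) % 8; r != 0 {
		s += strings.Repeat("=", 8-r)
	}
	key, err := base32.StdEncoding.DecodeString(s)
	return strings.TrimSpace(parts[0]), key, err
}

// hotp is RFC 4226: HMAC-SHA1 over the counter, dynamic truncation, 6 digits.
func hotp(key []byte, counter uint64) string {
	var msg [8]byte
	binary.BigEndian.PutUint64(msg[:], counter)
	mac := hmac.New(sha1.New, key)
	mac.Write(msg[:])
	sum := mac.Sum(nil)
	off := sum[len(sum)-1] & 0x0f
	bin := binary.BigEndian.Uint32(sum[off:off+4]) & 0x7fffffff
	return fmt.Sprintf("%06d", bin%1000000)
}

// codes returns the prev, curr and next codes for the 30-second step at t.
func codes(key []byte, t time.Time) [3]string {
	c := uint64(t.Unix()) / 30
	return [3]string{hotp(key, c-1), hotp(key, c), hotp(key, c+1)}
}

func main() { // Constructed entry (the RFC 6238 test secret), not a real account.
	name, key, err := parseLine("Test: gezd gnbv gy3t qojq gezd gnbv gy3t qojq")
	fmt.Println(name, codes(key, time.Now()), err)
}
```

Because every code is a pure function of the secret and the clock, anyone who can read gauth.csv can generate the same codes, which is why the file permissions and clock synchronization above matter.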

Adding and removing keys

  • Run gauth KEYNAME -a to add a new key.

      $ gauth Google -a
      Key for Google: examplekey
      Current OTP for Google: 306726
    
  • Run gauth KEYNAME -r to remove an existing key.

      $ gauth Google -r
      Are you sure you want to remove Google [y/N]: y
      Google has been removed.
    

Encryption

gauth supports password-based encryption of gauth.csv. To encrypt, use:

    $ openssl enc -aes-128-cbc -md sha256 -in ~/gauth.csv -out ~/.config/gauth.csv
    enter aes-128-cbc encryption password:
    Verifying - enter aes-128-cbc encryption password:

gauth will then prompt you for that password on every run:

    $ gauth
    Encryption password:
               prev   curr   next
    LastPass   915200 479333 408710

Note that this encryption mechanism is far from ideal from a pure security standpoint. Please read OpenSSL's notes on the subject.
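
As an added example (not gauth's own code), this Go program reproduces the file layout that the openssl command above writes when used without -pbkdf2, and decrypts it again. It shows the two weaknesses behind the note above: the key comes from a single SHA-256 pass, and CBC has no integrity check. The password, salt, entry and function names are constructed for illustration.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/sha256"
	"fmt"
)

// deriveKeyIV is the legacy derivation for -aes-128-cbc -md sha256: one
// SHA-256 pass over password||salt, split into a 16-byte key and 16-byte IV.
func deriveKeyIV(password, salt []byte) (key, iv []byte) {
	sum := sha256.Sum256(append(append([]byte{}, password...), salt...))
	return sum[:16], sum[16:]
}

// seal writes "Salted__" | 8-byte salt | AES-128-CBC(PKCS#7-padded plaintext).
func seal(password, salt, plain []byte) []byte {
	key, iv := deriveKeyIV(password, salt)
	pad := aes.BlockSize - len(plain)%aes.BlockSize
	padded := append(append([]byte{}, plain...), bytes.Repeat([]byte{byte(pad)}, pad)...)
	block, _ := aes.NewCipher(key) // cannot fail: key is always 16 bytes
	out := make([]byte, len(padded))
	cipher.NewCBCEncrypter(block, iv).CryptBlocks(out, padded)
	return append(append([]byte("Salted__"), salt...), out...)
}

// open reverses seal. CBC carries no integrity tag, so a wrong password or a
// different KDF (-pbkdf2) is noticed only when the padding comes out invalid.
func open(password, file []byte) ([]byte, error) {
	if len(file) < 32 || len(file)%aes.BlockSize != 0 || !bytes.HasPrefix(file, []byte("Salted__")) {
		return nil, fmt.Errorf("not an openssl enc salted file")
	}
	key, iv := deriveKeyIV(password, file[8:16])
	block, _ := aes.NewCipher(key)
	out := make([]byte, len(file)-16)
	cipher.NewCBCDecrypter(block, iv).CryptBlocks(out, file[16:])
	pad := int(out[len(out)-1])
	if pad < 1 || pad > aes.BlockSize || !bytes.Equal(out[len(out)-pad:], bytes.Repeat([]byte{byte(pad)}, pad)) {
		return nil, fmt.Errorf("invalid block padding")
	}
	return out[:len(out)-pad], nil
}

func main() { // Constructed password, salt and entry; openssl picks a random salt.
	plain, err := open([]byte("hunter2"), seal([]byte("hunter2"), []byte("saltsalt"), []byte("Google:a2b3c4d5e6f7ghij\n")))
	fmt.Printf("%q %v\n", plain, err)
}
```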

Compatibility

Tested with:

  • Airbnb
  • Apple
  • AWS
  • DreamHost
  • Dropbox
  • Evernote
  • Facebook
  • Gandi
  • Github
  • Google
  • LastPass
  • Linode
  • Microsoft
  • Okta (reported by Bryan Baldwin)
  • WP.com
  • bittrex.com
  • poloniex.com

Please report further results to [email protected].

Rooted Android?

If your Android phone is rooted, it's easy to "back up" your secrets from an adb shell into gauth.

# sqlite3 /data/data/com.google.android.apps.authenticator2/databases/database \
          'select email,secret from accounts'

If your phone isn't rooted, you may have luck with the gauthQR tool mentioned in the Usage section above.

Really, does this make sense?

At least to me, it does. My laptop features encrypted storage, a stronger authentication mechanism, and I take good care of its physical integrity.

My phone also runs arbitrary apps, is constantly connected to the Internet, gets forgotten on tables.

Thanks to the convenience of a command line utility, my usage of 2-factor authentication went from 3 to 10 services over a few days.

Clearly a win for security.


gauth's Issues

csv output option

It would be nice to have a flag to do CSV output as well as the normal output, so the data can be read in more easily by scripts.

Secrets are sometimes corrupted during decryption

In plain text, multiple line entries work;
however, if you use openssl enc -aes-128-cbc -md sha256 -in gauth.csv -out ~/.config/gauth.csv,
the 2nd gauth pass number is invalid.
Quick test: create two (2) OTP entries, run gauth and confirm on your mobile, then encrypt and run again; the 1st entry is correct, the 2nd is invalid.

gauth encrypted output is different to plain.

Hi Pierre,

Thanks for fixing the encryption. One more thing. gauth.csv (plain) produces working output:

           prev   curr   next
AWS        670909 295771 313848
Gmail      423593 274271 393719
LastPass   670933 593250 903851
[=============================]

But when gauth.csv is encrypted, both the formatting and the output is wrong:

Encryption password:            prev   curr   next
AWS        064411 761417 662051
Gmail      692402 297265 894264
LastPass   098624 575304 819324
[==========                   ]

Regards,

Warren.

Provide prebuilt binaries for released versions

Hi! Thanks for your awesome tool!

It would be nice to be able to just download a prebuilt binary from the releases page on GitHub. Of course, I can build it myself, but I need to install the Go compiler to do this and I'm not a Go developer, so it's somewhat inconvenient.

Get a specific secret not working, but bare (`-b`) works.

Just downloaded v.1.3.0 expecting to be able to specify just one secret: gauth Github

  • Secret is saved as Github in my CSV (first in file, but same happens with others).
  • gauth Github prints all secrets.
  • gauth github (notice the lowercase) prints all secrets.
  • gauth Github -b works as expected (?).
  • gauth github -b (notice the lowercase) works, too.

Command line argument that prints only the current code.

Hi,
is it possible to add a command line argument that prints only the current code?

Program output:

  $ gauth
             prev   curr   next
  AWS        315306 135387 483601
  Airbnb     563728 339206 904549
  Google     453564 477615 356846
  Github     911264 548790 784099
  [=======                      ]

I need something like:

  $ gauth --curr
              curr   
  AWS        135387 
  Airbnb      339206 
  Google     477615 
  Github      548790 
  [=======                      ]

I do not want to remove variables from

gauth/gauth.go

Line 135 in a2c540c

fmt.Printf("%-10s %s %s %s\n", name, prevToken, currentToken, nextToken)

Thanks!

illegal base32 data at input byte 25

Hi,

Please see below, an encrypted 26 character code fails to decode correctly.

Regards,

Warren

➜  ~  cat .config/gauth.csv
Test: abcdefghijklmnopqrstuvwxyz
➜  ~  gauth
           prev   curr   next
Test       434331 315822 272588
[==========                   ]
➜  ~  cp .config/gauth.csv gauth.plain
➜  ~  openssl enc -aes-128-cbc -md sha256 -in gauth.plain -out ~/.config/gauth.csv
enter aes-128-cbc encryption password:
Verifying - enter aes-128-cbc encryption password:
➜  ~  gauth
Encryption password:
           prev   curr   next
2015/12/17 02:43:31 illegal base32 data at input byte 25

a "confirmation" option for safety

A "confirmation" option for safety would be good, for example:

C:\>gauth
Are you sure you want to run gauth? [Y/N] : Y 
"codes"

or

C:\>gauth
Are you sure you want to run gauth? [Y/N] : N
C:\>

would be good, and it's simple to make

Use the keyring approach to encrypting the secrets DB

This is Python, but I'm sure something similar probably exists for golang. https://pypi.org/project/keyring/#what-is-python-keyring-lib

It is used in https://github.com/jjfalling/TOTP-Generator and it's pretty good, except that you have to choose to either be constantly prompted to "Allow" Python to access your keychain, or to "Always Allow" Python. And the latter means that after that, anything Python can access your keychain if it is unlocked. Not good. Compiling a binary solves this.

Encryption outdated?

As I've gone thru the process of encrypting my file, I've got the following message:

$ openssl enc -aes-128-cbc -md sha256 -in gauth.csv -out gauth.csv.aes
enter AES-128-CBC encryption password:
Verifying - enter AES-128-CBC encryption password:
*** WARNING : deprecated key derivation used.
Using -iter or -pbkdf2 would be better.

openssl enc -list prints AES ciphers with longer key lengths (192 and 256), both in CBC mode. I'm on Ubuntu Jammy: OpenSSL 3.0.2 15 Mar 2022 (Library: OpenSSL 3.0.2 15 Mar 2022)
I've tried using both, and I always get a Loading config: invalid block padding error. Using -pbkdf2 or -iter, as suggested in the error message, did not work either.

When looking for info about the cipher, I've also found that the information link in the docs is broken.

Add to Homebrew

First of all thanks a lot for the great tool! It's a must-have for CLI geeks (and for others on *nixes too).
Are there any plans to add gauth to Homebrew for MacOS and Linux to ease installation and upgrade management?
Thanks

Config File Option

Currently the config file path is hardcoded to ~/.config/gauth.csv. Can you please add the ability to set the path via the command line using a --config argument.

Getting this error when trying to encrypt the gauth.csv file

Ran this command as mentioned
openssl enc -aes-128-cbc -md sha256 -in gauth.csv -out gauth.csv

Encryption password:
prev curr next
panic: runtime error: index out of range

goroutine 1 [running]:
main.main()
/Users/ankit.timbadia/go/src/github.com/pcarrier/gauth/gauth.go:131 +0xcb7

Error when decrypting.

Hi,

I'm getting the following error when decrypting:

gauth
Encryption password:
panic: runtime error: index out of range

goroutine 1 [running]:
main.main()
    /Users/warren/Go/src/github.com/pcarrier/gauth/gauth.go:106 +0x8d8

goroutine 17 [syscall, locked to thread]:
runtime.goexit()
    /usr/local/go/src/runtime/asm_amd64.s:1696 +0x1

goroutine 20 [syscall]:
os/signal.loop()
    /usr/local/go/src/os/signal/signal_unix.go:22 +0x18
created by os/signal.init.1
    /usr/local/go/src/os/signal/signal_unix.go:28 +0x37

goroutine 34 [select, locked to thread]:
runtime.gopark(0x1a2390, 0xc8200bc728, 0x164fd0, 0x6, 0x2c818, 0x2)
    /usr/local/go/src/runtime/proc.go:185 +0x163
runtime.selectgoImpl(0xc8200bc728, 0x0, 0x18)
    /usr/local/go/src/runtime/select.go:392 +0xa64
runtime.selectgo(0xc8200bc728)
    /usr/local/go/src/runtime/select.go:212 +0x12
runtime.ensureSigM.func1()
    /usr/local/go/src/runtime/signal1_unix.go:227 +0x323
runtime.goexit()
    /usr/local/go/src/runtime/asm_amd64.s:1696 +0x1

I'm using the following versions:

go version
go version go1.5.1 darwin/amd64
openssl version
OpenSSL 0.9.8zg 14 July 2015
sw_vers
ProductName:    Mac OS X
ProductVersion: 10.10.5
BuildVersion:   14F1021

Any thoughts?

Stopped working with Google?

I've been using your tool at https://github.com/pcarrier/gauth and it's been great so far. However, I noticed that it seems to have stopped working for my Google account. I've tried generating new codes multiple times, but the output from your tool is still different than the one from the Google Authenticator app. The other 2FA codes seem to work properly.

Is there anything that might have changed with how Google handles 2FA?

Decrypting using openssl so that I can add new entries

I have an encrypted gauth.csv and can get the codes using a passphrase. I want to decrypt, add some extra secret keys/accounts and re-encrypt. But I can't seem to work out the command line to do the decryption. Please advise.

License

Could you please add a license statement and a LICENSE file? It's a blocker to get gauth integrated into distributions, e. g., Fedora.

Thanks

BTW, if you don't mind, could you also create a release by tagging the source?

Tip: Add this to add a search parameter to gauth!

This is the biggest Quality of Life (QoL) improvement for me:

Add this to your ~/.bash_profile to add a case-insensitive search parameter to gauth:

cat <<'TXT'  >> ~/.bash_profile
# Make gauth accept a case insensitive search argument.
function gauth() { command gauth | grep -i "^${1}"; }
TXT
source ~/.bash_profile

Then, you can run gauth normally or with a search string... It searches from the first letter of each entry. If you want to search every entry, change ^ to .*.

$ gauth git
GitHub.com (hopeseekr)            000000 111111 222222
git.mycorp.com (tsmith)           000000 111111 222222
GitLab.com (hopeseekr)            000000 111111 222222

For a whole lot more QoL console improvements, check out my BashScripts framework.

Create a release?

Hi!

I'd like to package gauth for Nix/NixOS and would feel better about it if there is a release / git tag. Would you mind creating one?
