FPs

Articles with the openvpn tag

一键连接VPN

公司安全的同事最近给OpenVPN加上了基于Google Authenticator的二步验证,密码是「常用密码」+「每次变化的Token」,每次在外边想做事都得打开手机查看Token,输入密码串,安全是安全了,可是不能忍!

OSX 生成Token

首先想到的是不要每次都打开手机,所以开始寻找Google Authenticator 生成工具的桌面版,果然有很多解决方案Is there a Google Authenticator desktop client?, 有Web版的、Java版的,不过最高效的当然是命令行版oathtool:

安装oath-toolkit:

brew install oath-toolkit

一个shell脚本,拷贝到 /usr/local/bin/,加上可执行权限:

#!/bin/bash
#fork from http://superuser.com/questions/462478/is-there-a-google-authenticator-desktop-client , by Peter Beckman

scriptname=`basename $0`
if [ -z $1 ]
then
echo "$scriptname: Service Name Req'd"
echo ""
echo "Usage:"
echo "   otp google"
echo ""
echo "Configuration: $HOME/.otpkeys"
echo "Format: name=key"
exit
fi
otpkey=` grep ^$1 $HOME/.otpkeys | cut -d"=" -f 2 | sed "s/ //g" `
if [ -z $otpkey ]
then
echo "$scriptname: Bad Service Name"
exit
fi
token=`/usr/local/bin/oathtool --totp -b $otpkey`
echo $token
echo $token | /usr/bin/pbcopy #自动拷贝至剪贴板
Continue ->