random
Random notes that make my life easier and that I would love not to lose or forget.
Import Google Authenticator exports
If you are a Google Authenticator user I hope you love its lack of cloud sync as much as I do. Thing is, from time to time I like to backup its data.
The way I back up its contents is as follows.
Backup the Google Authenticator QR-exports
- Take your Android phone. Click on
Transfer accounts
,Export accounts
inside your Google Authenticator application. - It would be amazing to take screenshots of each QR code, but it's restricted for security reasons. There were means to circumvent this security measure on Android, but I use an iOS device I have around for this.
- If you also happen to have a device with iOS, open Google Authenticator there. Import all accounts previously exported by scanning every QR-code shown on your Android device, and re-export taking screenshots of each QR code on iOS.
- Transfer your screenshots to a safe, offline place and
shred
everything you have done in your way. You could print them and keep them in acid-free paper, for example, or a USB stick in a safe, whatever feels best for you. - Keep a temporary copy of the screenshots that we will use in the
next step. After we are done,
shred -u
it as well.
Read the contents of each file with zbarimg
~/2fa » ls IMG_0005.png IMG_0006.png IMG_0007.png IMG_0008.png IMG_0009.png ~/2fa » zbarimg *.png > codes.txt scanned 5 barcode symbols from 5 images in 0.92 seconds
Extract all the tokens
Now we will use the otpauth
tool to extract all the tokens from the
migration transfer links to plain otpauth
links that we can import
directly in keys like the Yubikey
.
Installing otpauth
You can read more on the project repository, but it boils down to go
get
it. If you happen to have another preferred way to install or run
it, pick your poison.
$ go get github.com/dim13/otpauth
We are so close now. We now have to extract the regular links.
~/2fa » sed -r 's/^[^:]+://g' codes.txt | xargs -L1 otpauth -link | cat -n
Check the line numbers you want to import. My current keys don't allow me to import all the ones I have, so I have to choose which ones I want installed in my security key.
Import the tokens you want
I do use ykman
with my Yubikey
to generate codes. It's a pretty
easy to use tool, that fullfills all my needs.
In order to import the codes you want, you just have to indicate the
line you want to import. Let's assume that the token you want to add
is on line 42
, we can run:
~/2fa » sed -r 's/^[^:]+://g' codes.txt | xargs -L1 otpauth -link | sed -n '42p' | ykman oath accounts uri
Repeat until you have imported all the tokens you want. That's it!