You simply use it like the ssh command before. The actual code that does all the magic is this ~$ sshpass -P "Verification code" -p $(bw get totp "$1 SSH") ssh How to use 2sh So, sshpass waits for the "Verification code" string to appear and then reads the response from the password file which is itself a subshell that calls Bitwarden which prints the wanted token out of it's database. Doesn't sound that nice, does it?Ģsh uses sshpass to actually recognize the challenge-response string after the SSH login and passes the actual token as the response and presses "enter" for me. Imagine you have to do this multiple times a day. This is where I open Bitwarden, search for the server I want to connect and copy & paste the current token into the session and press enter. After that, the SSH server will ask for a "Verification code" where you have to enter the currently valid TOTP token from Bitwarden. You first connect to SSH like normal with your password or your SSH key. But let me reiterate how the SSH login with TOTP tokens work. I also use Bitwarden to store all my credentials and also TOTP tokens and since I was tired of always manually typing in my current token upon a SSH login, I wrote 2sh to automate this for me. As an additional way to protect SSH servers from potential attackers, I started to implement TOTP-based 2FA logins in the past.
0 kommentar(er)
