[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Bug#839278: oathtool: has no secure way to provide a key
From: |
Ian Jackson |
Subject: |
Bug#839278: oathtool: has no secure way to provide a key |
Date: |
Sat, 26 Dec 2020 22:40:08 +0000 |
Simon Josefsson writes ("Re: Bug#839278: oathtool: has no secure way to provide
a key"):
> I have pushed Ian's patch, but I dropped his newly introduced
> command-line parameter and instead allowed for KEY and OTP parameters to
> be - to mean stdin or @filename like you suggested Ilkka.
Thanks.
> A string of '-' is not valid hex, base32 or base64, and @filename is not
> valid hex, base32 or base64 either.
Right. So this is unambiguous. It's also sufficient for my use case.
> If someone wants to add support for reading from a numbered file
> descriptor, I'm happy to merge that -- how about '*42'? Just don't pick
> a character that is in the base64 alphabet (right now only hex and
> base32 are supported, but maybe base64 support will be added in the
> future). The '*' character would work. Is this useful though?
On many operating systems @/dev/fd/N would work nicely.
Thanks,
Ian.
--
Ian Jackson <ijackson@chiark.greenend.org.uk> These opinions are my own.
Pronouns: they/he. If I emailed you from @fyvzl.net or @evade.org.uk,
that is a private address which bypasses my fierce spamfilter.