ykocli - Man Page

Front end script to facilitate obtainment of TOTP tokens from ykman

The obtainment of TOTP tokens from ykman using the CLI requires manual copying. In addition, there are times when the token displayed will expire before it can be used, requiring the procedure be repeated. ykocli is designed to mitigate these issues, in addition to providing TOTP ADD, DELETE and RENAME capabilities. OATH entries that are stored in the inserted YubiKey will be displayed in a table. You will then be prompted to select an entry. That entry will then be used to obtain a non-expired TOTP token. If only 1 entry matches the specified search criteria, no table will be displayed and the appropriate TOTP token will be immediately placed in the CopyQ clipboard. If the code displayed is less than the REGEN value specified in the configuration file, then another code will be generated for the next cycle interval, greatly reducing or eliminating the use of an expired TOTP token. REGEN functionality is not available for TOTP OATH entries that require a touch to generate a token.

Configuration

ykocli allows for customization of certain items in the configuration.

If you wish to change an option in the configuration, first create a copy: cp /etc/ykocli.conf $HOME/.ykocli.conf then modify only the $HOME/.ykocli.conf version.

The configuration variables can be set as follows:

VARIABLE="value": "value" needs to be quoted.
All shell escaping/quoting rules apply.
Here is a list of changable configuration options ykocli recognizes:
REGEN="5": Default setting is 5 seconds This is the minimum threshold in seconds for TOTP token expiration. If the remaining time for the TOTP token is at or less than this value, ykocli will automatically create a replacement. REGEN functionality is not available for TOTP OATH entries that require a touch to generate a token.
EXITIME="5": Default setting is 5 seconds This is the minimum threshold in seconds for pressing the ENTER key to exit instead of returning to BACKGROUND MODE.
FIGFONT="small": Default setting is small. This is the font to be used by the Figlet generated banner.
COLOR OVERRIDES: Monochrome, terminal defaults set value to "DEFAULT". Available colors: RED, YELLOW, GREEN, BLUE, CYAN, PURPLE, GRAY, WHITE, BLACK, LRED, LYELLOW, LGREEN, LBLUE, LCYAN, LPURPLE, LGRAY. Placing an "L" in front of the color designates the "LIGHT" version; e.g. LRED - Light RED. Colors are assigned based upon the content being displayed. Definitions of the abbreviated variables are listed above each entry in ykocli.conf.

Usage Notes

[action]: Supported actions are TOTP | RENAME | ADD | DELETE
[search_string]: ykocli will only display OATH entries that match the search_string entered on the command line. If multiple matches are found, you will be prompted to select the desired entry.
BKGND: Konsole running under KDE Plasma ONLY. Invoke by using Konsole background mode, i.e. konsole --background-mode -e ykocli bkgnd or with an optional konsole profile, i.e. konsole --background-mode --profile xyz -e ykocli bkgnd This command can be entered using krunner, or as part of an autostart routine. The Konsole window will start in the background. Press the default hotkey CRTL+SHIFT+F12 to toggle the window between ACTIVE and BACKGROUND. Examples for desktop and profile files can be found in the /usr/share/doc/ykocli/examples directory. Alternatively, you can invoke the following command from your home directory: bash /usr/share/doc/ykocli/examples/ykocli-konsole-bkgnd.sh