Skip to content

tjblackheart/andcli

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

56 Commits
.github/workflows
.github/workflows
 
 
cmd/andcli
cmd/andcli
 
 
doc
doc
 
 
internal
internal
 
 
tools/srv
tools/srv
 
 
.gitignore
.gitignore
 
 
LICENSE.md
LICENSE.md
 
 
Makefile
Makefile
 
 
README.md
README.md
 
 
go.mod
go.mod
 
 
go.sum
go.sum
 
 

Repository files navigation

andcli

Go Report Card Build

andcli lets you work with 2FA tokens directly in your shell, using encrypted backups exported out of your favourite 2FA apps. All the data is held in memory only and will never leave your machine.

At the moment andcli can handle input from the following providers:

Demo

Installation

Download a prebuild release and place it somewhere in your $PATH. If you have Go installed you can install directly: go install -ldflags='-s -w' github.com/tjblackheart/andcli/v2/cmd/andcli@latest.

Usage

  1. Export an encrypted, password protected backup from your app and save it into your preferred cloud provider (i.e. Dropbox, Nextcloud...).
  2. Start andcli and point it to this file with andcli <path/to/file>. Specify the vault type via -t <type>. The path and type will be persisted, so you have to do this only once.
  3. Enter the password.
  4. To search for an entry, type /.
  5. Navigate via keyboard, press Enter to view a token and press c to copy it into the clipboard. Press u to hide usernames for this entry, which are visible by default.

Keys

↑/k up
↓/j down
/ filter
enter show/hide token
u show/hide usernames
c copy
q quit

Clipboard config

By default andcli will choose the first system clipboard tool found. For Linux, this could be either xclip, xsel or wl-copy for example. For Mac, it will always be pbcopy. If you need more control over this command, you can either edit the config file and set your preferred command including all flags in the clipboard_cmd entry, or you could pass the full command via the -c flag.

Config file

The configuration will get persisted in the default user home config directory. For Linux, this is $HOME/.config/andcli. For MacOS, it's $HOME/Library/Application Support/andcli and for Windows it should be in C:\Users\$USER\AppData\Roaming\andcli.

Options

Usage: andcli [options] <path/to/file>

Options:
  -c string
    	Clipboard command (xclip, wl-copy, pbcopy etc.)
  -f string
    	Path to the encrypted vault (deprecated: Pass the filename directly)
  -t string
    	Vault type (andotp, aegis, twofas)
  -v	Prints version info and exits

Implementing new vaults

A usabe vault implementation for andcli is basically just an interface providing one function called Entries(). You just have to figure out the encryption of your app and you're done. Have a look at the current implementations to see how this works.

You can use the demo registration server implementation at tools/srv to quickly create some demo tokens for your vault.

Thanks

License

MIT

About

A 2FA TUI for your shell

Resources

Readme

License

MIT license
Activity

Stars

30 stars

Watchers

3 watching

Forks

2 forks
Report repository

Releases 14

v2.0.2 Latest
Feb 12, 2025
+ 13 releases

Packages

No packages published

Contributors 3

  •  
  •  
  •  

Languages