Re: oathtool should not require secret key on command line
Simon Josefsson <simon <at> josefsson.org>
2012-01-26 14:48:18 GMT
Martin Radford <Martin.Radford <at> bristol.ac.uk> writes:
> I've just been looking at the toolkit, and so far everything is working
> as expected.
> However, as far as I can see, the only way to provide the secret key to
> oathtool is to put it on the command line.
> This strikes me as being unsafe -- on a multi-user system, the secret
> key will show up in the output of the "ps" command, and hence could be
> unintentionally exposed.
> oathtool really needs to support a command-line option to allow the
> secret to be read from a file (e.g. "-f secretkey.txt") or even from a
> file descriptor (as gnupg does with its "--passphrase-fd" option).
Hello Martin and welcome to the list. Good point. Oathtool was mostly
intended as a debugging tool, but I can see that you could want to use
it in scripts and then this property is quite worrying.
The tool could be modified to read the key from standard input if the
KEY parameter is '-'. That is not a valid hex character, so there is no
ambuiguity. There could be command line parameters to make it read from
a file or from a file descriptor instead of from stdin. What do you