mrash / fwknop

Single Packet Authorization > Port Knocking
http://www.cipherdyne.org/fwknop/
GNU General Public License v2.0

Use TOTP instead of fixed password #354

Open stettler opened 10 months ago

stettler commented 10 months ago

Hello, would it be possible to add TOTP? Instead of configuring the server to accept a fixed password, it would be a lot more secure if fwknopd would accept a TOTP password (no need to change anything on the client).

e40 commented 9 months ago

What I do is keep my password in 1Password and use their Homebrew-based CLI to retrieve it and knock via a script.

stettler commented 9 months ago

But that's still a fixed password... What I mean is that instead of setting a fixed "KEY" on the server side and asking for that "KEY" from the client, we could use a time-based OTP. That way, the "KEY" would change regularly and there would be no need for a fixed password.

e40 commented 9 months ago

But that's still a fixed password... What I mean is that instead of setting a fixed "KEY" on the server side and asking for that "KEY" from the client, we could use a time-based OTP. That way, the "KEY" would change regularly and there would be no need for a fixed password.

I agree. I didn't say, but I was assuming the feature was desired because storing a password for automatic knocking is insecure. However, I agree, it's a good feature.