ubuntu 23.10
I can access my employer’s local network if I authenticate with a 2fa. They suggest proprietary software, but aegis authenticator (found in fdroid) works fine.
The thing is, the phone’s screen is too small and it’s very cumbersome to navigate the screen and to click. It’s so bad I don’t want to use it, because fonts are so small you cannot read anything. It’s like they didn’t even try to optimize the local network for devices.
However, if I could emulate this app on an ubuntu based computer, I’d use it. Can it be done?
Just use an app like Authenticator importing the Aegis export file.
I would recommend using a native 2fa app for Ubuntu. This answer https://askubuntu.com/a/1460646 recommends keepassxc, which is also a password manager that I personally use for passwords but I’ve not used its 2fa function. I also found this app https://gitlab.gnome.org/World/Authenticator
As an IT Technician/Sysadmin I highly recommend you use the one your IT team told you to use. If you run into issues they’ll be able to help but not if your using some obscure app they’ve never heard of.
Copy the totp seed from aegis and use something like keepassxc to generate the codes
You might be about to just run a native 2fa application like Authenticator.
Outside of that, Waydroid is an option.
I don’t understand the scenario here. Typically, you only need the TOTP (time-based one-time password) from your 2FA app, enter it on your computer, and you can use the computer to access your resources. The app itself is actually not even supposed to be on the same device, as an added layer of security.
It sounds like you need 2FA to run your company’s VPN (is that correct?). On your computer, you would launch the VPN, it’ll ask you for the TOTP (which you get from Aegis on your phone), and then you’re logged in and able to access company resources (on your computer).
https://github.com/marcopaganini/termotp is a CLI authenticator program with fuzzy find capabilities explicitly designed to work with Aegis export files.
Otpclient can open Aegis exports directly.
Just to add to the QEMU/KVM comment: you can also run an android emulator. The install process is a bit annoying (and contains too many “trust me bro” downloads from Google servers), but it is simple enough and you should be done in around 2h, modulo your uplink.
And at that point, using scrcpy actually helps with the keyboard input.
You can migrate all your keys to KeepassXC.
This is why we can’t have nice things.
my method for running Android apps on my distro is to run an Android 9.0-r2 VM on QEMU/KVM via virt-manager
maybe this might work for you?
here’s a guide I found for setting up Virt-manager on Ubuntu
and here’s a vid for setting up Android x86 on Virt-manager
- not sure if this is the exact same vid I used but it should suffice
hope this works/fits your use case!
Just use Waydroid instead: https://waydro.id, much lower overhead, however you need to mess with ARM emulation. For installing Google Apps and Device not Play certified: https://github.com/casualsnek/waydroid_script
More info: https://wiki.archlinux.org/title/Waydroid
That’s pretty neat! I didn’t know about Waydroid till now
however you need to mess with ARM emulation.
not sure about Arch as I’m on NixOS now and the implementation seems to be straightforward but I’ll keep an eye on your note if I do encounter issues
thanks!🤗
I used to use KDE’s Keysmith until I put all my OTP codes into bitwarden
you can just use any other OTP application on Linux like https://gitlab.gnome.org/World/Authenticator or https://apps.kde.org/keysmith/, they all follow the same protocol
you can export your keys in Aegis and import them in most applicationsOf course there is a KDE app that is feature packed and beautiful and no live being has heard or known about.
Firefox has 2FA extensions. Just remember that if both your authentications are on one device, you’re not getting a huge security boost.