Skip to content

tjblackheart/andcli

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

66 Commits
.github/workflows
.github/workflows
 
 
cmd/andcli
cmd/andcli
 
 
doc
doc
 
 
internal
internal
 
 
tools/srv
tools/srv
 
 
.gitignore
.gitignore
 
 
LICENSE.md
LICENSE.md
 
 
Makefile
Makefile
 
 
README.md
README.md
 
 
go.mod
go.mod
 
 
go.sum
go.sum
 
 

Repository files navigation

andcli

Go Report Card Build

andcli lets you work with 2FA tokens directly in your shell, using encrypted backups exported out of your favourite 2FA apps. All the data is held in memory only and will never leave your machine.

andcli can handle input from the following providers:

At the moment only TOTP entries are supported.

Demo

Installation

Download a prebuild release and place it somewhere in your $PATH. If you have Go installed you can install directly: go install -ldflags='-s -w' github.com/tjblackheart/andcli/v2/cmd/andcli@latest.

Usage

  1. Export an encrypted, password protected backup from your app and save it into your preferred cloud provider (i.e. Dropbox, Nextcloud...).
  2. Start andcli and point it to this file with andcli <path/to/file>. Specify the vault type via -t <type>. The path and type will be persisted, so you have to do this only once.
  3. Enter the password.
  4. To search for an entry, type /.
  5. Navigate via keyboard, press Enter to view a token and press c to copy it into the clipboard. Press u to hide usernames for this entry, which are visible by default.

Keys

↑/k up
↓/j down
/ filter
enter show/hide token
u show/hide usernames
c copy
q quit

Clipboard config

By default andcli will choose the first system clipboard tool found. For Linux, this could be either xclip, xsel or wl-copy. For Mac, it will always be pbcopy, and for a Windows machine it defaults to clip.exe. If you need more control over this command, you can either edit the config file and set your preferred command including all flags in the clipboard_cmd entry, or you could pass the full command via the -c flag.

Config file

The configuration will get persisted in the default user home config directory. For Linux, this is $HOME/.config/andcli. For MacOS, it's $HOME/Library/Application Support/andcli and for Windows it should be in C:\Users\$USER\AppData\Roaming\andcli.

Options

Usage: andcli [flags] <path/to/file>

Flags:
  -f, --file string            Path to the encrypted vault (deprecated: Pass the filename directly)
  -t, --type string            Vault type (andotp, aegis, twofas, stratum)
  -c, --clipboard-cmd string   A custom clipboard command, including args (xclip, wl-copy, pbcopy etc.)
  -v, --version                Prints version info and exits
  -h, --help                   Show this help

Implementing new vaults

A usable vault implementation for andcli has to implement an interface providing only one function called Entries(). Have a look at the current implementations to see how this works.

You can use the demo registration server implementation at tools/srv to quickly create some demo tokens for your vault.

Thanks

License

MIT

About

A 2FA TUI for your shell

Topics

tui otp-applications 2fa-client

Resources

Readme

License

MIT license
Activity

Stars

59 stars

Watchers

3 watching

Forks

2 forks
Report repository

Releases 17

v2.1.2 Latest
Apr 30, 2025
+ 16 releases

Packages

No packages published

Contributors 3

Languages