aws mfa command line

Custom Keyboard Shortcut Linux [Example: Generate AWS MFA Tokens]

He Bits Lovers! Today, I will teach a little trick that I have been using for a while and saves me a lot of time. But, of course, you may already know that calling any shell script using one custom keyboard shortcut for Linux is possible. If not, we will learn a feature to boost your imagination and productivity. Our example will also teach how to generate AWS MFA tokens using the command line, but we can use any Shell Script.

Run Shell Script through Custom Keyboard Shortcut on Linux

However, the real advantage of using those features is knowing how to combine multiple applications to build our own customization to automate something that we repeatedly do every day.

Example of Custom Keyboard Shortcut on Linux: MFA for AWS

Today, we are constantly working and using cloud services, like email VPN. And to secure those accounts, it’s always recommended to enable MFA (Multi-factor authentication), so this will act like password doubling the security, where we need a specific extra token to complete the process of logging in. So in my example, I automated the MFA for AWS.

We usually use our cellphone as a device to generate tokens, which changes every few seconds. So, it means that once a day we need to log in, we need to get our cellphone, open the app, like Google Authenticator, check for the latest Token, and finally type the same Token on our computer to proceed with the login process. It’s not so tricky, but why rely on our cellphone if we can have a faster way? Also, if we forget our cellphone?

I created one script that generates that Token and sends it to our clipboard (where our data goes when we Copy & Paste our text). 

Good, right? 

So, I need to press my keyboard shortcut, which calls that Shell Script, generates the Token for me and sends it to the clipboard, where I need to paste the Token any place I need.

I already tested this approach on Cinnamon, Regolith, and Gnome. I believe that should work on the most Desktop environment available for Linux.

Softwares needed for our example:

xclip 

This application’s goal is to send any text to the clipboard using the command line.

oathtool

This application generates the AWS MFA Tokens for us. But, this application could generate any MFA for any cloud service. I am using AWS MFA as an example. This is one way to generate the AWS MFA through the command line.

zbarimg

This application converts an image, like a QR code, containing a hashcode that will be a key to know how to generate the Token. So, here, we execute the zbarimg once, only to retrieve that hashcode to use on our Shell Script.

Let’s get the hashcode from QR Code. 

Whenever we need to register an MFA device, we usually get one image and use our cellphone camera to recognize the image and then add a new MFA code. So, we will need to do it without our cellphone. So, first, save your QR Code image to your computer.

Execute the command below to read the image:

zbarimg qrcode.png

Example of Output:

QR-Code:otpauth://totp/Amazon%20Web%20Services:[email protected]?secret=N65MVQLVOC572ZQEPZ7CWFSDGDB1GJDLHMFNK2PAIX5X3G1X21KCFXCJG6V4SSSP&issuer=Amazon%20Web%20Services

scanned 1 barcode symbols from 1 images in 0 seconds

From the output, the only part that we care about is one:

secret=N65MVQLVOC572ZQEPZ7CWFSDGDB1GJDLHMFNK2PAIX5X3G1X21KCFXCJG6V4SSSP

Remember that this process you need to do once.

So please save it to a file. We will use that file as an argument to call our script.

Shell Script Keyboard Shortcut: AWS MFA Command Line

#!/usr/bin/env bash
IFS='%'
DURATION=30
# Get the Hashcode needs for oathtool
SECRET_KEY=`cat $1 | awk -F '=' '{print $2}' | xargs`
# Generate 6 digit MFA code from the secret
export token="$(oathtool -s $DURATION --totp --base32 ${SECRET_KEY})"
# Send the Token to the Clipboard
echo $token
echo $token | xclip -selection clipboard

Let’s test our AWS MFA command line.

You can go ahead and make a test calling the script, for example:

./generate_token.sh hashcode-aws-mfa

The script should print out the Token in the console and the clipboard. Then, try to paste the value and check if it matches the values that you saw.

Create Keyboard Shortcut in Linux

Ok. We are almost done. Now, let’s create the custom shortcut to start the script for us.

Access the control panel, and find the Keyboard session (or Keyboard Shortcuts). Later, click on Add button. On Gnome, you will be like the one below:

Add Shell Script to Shortcut:

aws mfa command line
Create a Keyboard Shortcut Linux

So, we need to specify one name and then the command line that will be used for calling our Shell Script, in this case, the same that we just did. And finally, set your keyboard sequence to trigger the Shell Script.

Easy right? 

Conclusion

This simple idea could save us a lot of time. And there is a tremendous amount of idea that we can use our imagination and do it! I love to automate all my tedious tasks, which also improves my Linux skill in general.

Our example uses AWS MFA as an example, but we just need to do it once a day. But, for sure we have a more complex task that requires steps, that could be used this approach to link on Shell Script with a Keyboard Shortcut.

I hope that you liked this post. Please leave a comment and let me know what you would do with this approach to save your time.

Articles for you

How to Learn Linux?

Different ways to delete files on Linux

How Xargs can help your productivity on Linux

2 thoughts on “Custom Keyboard Shortcut Linux [Example: Generate AWS MFA Tokens]”

Leave a Comment

Your email address will not be published.