Using Ada Keystore Tool
The akt
tool is the command line tool that manages the wallet.
It provides the following commands:
create
: create the keystoreedit
: edit the value with an external editorget
: get a value from the keystorehelp
: print some helplist
: list values of the keystoreremove
: remove values from the keystoreotp
: generate a one time password or manage OATH secretsset
: insert or update a value in the keystore
To create the secure file, use the following command and enter your secure password (it is recommended to use a long and complex password):
akt create secure.akt
At this step, the secure file is created and it can only be opened by providing the password you entered. To add something, use:
akt set secure.akt bank.password 012345
To store a file, use the following command:
akt store secure.akt contract.doc
If you want to retrieve a value, you can use one of:
akt get secure.akt bank.password
akt extract secure.akt contract.doc
You can also use the akt
command together with the tar
command
to create secure backups. You can create the compressed tar file,
pipe the result to the akt
command to store the content in the wallet.
tar czf - dir-to-backup | akt store secure.akt -- backup.tar.gz
To extract the backup you can use the extract
command and feed the
result to the tar
command as follows:
akt extract secure.akt -- backup.tar.gz | tar xzf -
Storing and using one-time password
The akt
tool integrates a support to manage Open Authentication (OATH) standards for
generating one-time password (OTP) codes. The OTP code is similar to a password and often
asked after a password validation in two-factor (2FA) authentications. akt
supports
the time-based one-time password (TOTP) algorithm as described in RFC 6238. This support
is provided by the otp
command.
After creating your secure keystore and protecting it either with a password or your GPG key,
you can register the otpauth
URI generated by your provider (for example GitHub or GitLab). The simpler
registration form is to get the otpauth
URI from the provider and register it with the command:
akt otp secure.akt 'otpauth://totp/GitHub:user?secret=XXXXXXX&issuer=GitHub'
You can also use the --interactive
option to help you enter the different fields that compose
the otpauth
URI. Once the otpauth
URI is registered, you can ask a new code by using the
same otp
command and giving the account name:
akt otp secure.akt GitHub:user