OTP (One-Time-Passwords) and KeePass: no Plugins required

Plugins might bring additional features or ease the usage. But if someone is happy with „Auto-Type“ or „copy&paste“-Passwords from KeePass into a VPN-Client-GUI for example:

  • works out of the box
  • no need to add anything to KeePass

Entry.Password: {TIMEOTP} Placeholder

just place the String {TIMEOTP} before or behind – like the VPN-Server is configured – your (fixed) User-Password.

  • {TIMEOTP} acts as a placeholder
  • it will get replaced by your constantly changing (in my setup 6-digit) token.

Advanced

The generator needs some parameters to calculate the correct values, of course

Advanced: String Fields

Add a String Field:

  • Field Name: TimeOtp-Secret-Base32
    • seems to be the most common variant
    • valid for OPNsense TOTP
  • Field Value: <OTP seed> //OPNsense=>System.Access.Users.perUser

Additional Parameters can get configured:

Thats all.

Disclaimer

Since i’m trying to get rid of Evernote, too anoying too often, i’ll start to document non-private-stuff here.

Azure-CLI: Download File from Fileshare

ronald@Azure:~$ az storage file list -s FILESHARE -o table
Name               Content Length    Type    Last Modified
-----------------  ----------------  ------  ---------------
DEMO.TXT           9                 file

ronald@Azure:~$ az storage file download -s FILESHARE -p DEMO.TXT
Finished[#############################################################]  100.0000%
{
  "content": null,
  "metadata": {},
  "name": "DEMO.TXT",
  "properties": {
    "contentLength": 9,
    "contentRange": "bytes 0-8/9",
    "contentSettings": {
      "cacheControl": null,
      "contentDisposition": null,
      "contentEncoding": null,
      "contentLanguage": null,
      "contentType": "application/octet-stream"
    },
    "copy": {
      "completionTime": null,
      "id": null,
      "progress": null,
      "source": null,
      "status": null,
      "statusDescription": null
    },
    "etag": "\"0x8D8EB06203D00A5\"",
    "lastModified": "2021-03-19T18:38:01+00:00",
    "serverEncrypted": true
  }
}

ronald@Azure:~$ cat DEMO.TXT
RONRONRON

Azure: Storage-Account

Create a Storage-Account

az storage account create \
  --resource-group RGTEST \
  --name $STORAGE_ACCOUNT_NAME \
  --sku Standard_LRS \
  --location westeurope

retrieve connection string

AZURE_STORAGE_CONNECTION_STRING=$(az storage account show-connection-string \
  --resource-group RGTEST \
  --name $STORAGE_ACCOUNT_NAME \
  --output tsv)

ronald@Azure:~$ echo $AZURE_STORAGE_CONNECTION_STRING
DefaultEndpointsProtocol=https;EndpointSuffix=core.windows.net;AccountName=mystorageaccount4108;AccountKey=HlLklNRxLsKRzLw28Tc8W+0MDPv2RON/Stic8Lu1ryu0XiLDizlZRVnpAVwoSkzA==

Retrieve the Storage_key

ronald@Azure:~$ STORAGE_KEY=$(az storage account keys list \
>   --resource-group RGTEST \
>   --account-name $STORAGE_ACCOUNT_NAME \
>   --query "[0].value" \
>   --output tsv)
ronald@Azure:~$ echo $STORAGE_KEY
HlLklNRxLsKRzLw28Tc8W+0MDPv2RONAVwoSkzA==

create a file-share:

az storage share create --name TESTSHARE

Azure CLI: Default-Values for config-Session

In most cases, at least some parameters for a set of CLI-Commands remain the same. Setting those as „default“ saves time and reduces human error.

For example, specify your location and ressource-group exactly one time and never repeat it:

ronald@Azure:~$ az configure --defaults group=RG-TEST location=westeurope

Disclaimer

Since i’m trying to get rid of Evernote, too anoying too often, i’ll start to document non-private-stuff here.

RG_NAME=RG_TEST
LOCATION_NAME=westeurope
az group create --resource-group $RG_NAME --location $LOCATION_NAME

az configure --defaults group=$RG_NAME location=$LOCATION_NAME

Create Cosmos-DB and retrieve Connection-String

Retrieve the Conection-String of the Endpoint:

ronald@Azure:~$ COSMOS_DB_ENDPOINT=$(az cosmosdb create \
>   --resource-group RGTEST \
>   --name $COSMOS_DB_NAME \
>   --query documentEndpoint \
>   --output tsv)

ronald@Azure:~$ echo $COSMOS_DB_ENDPOINT
https://aci-cosmos-db-4711.documents.azure.com:443/

Disclaimer

Since i’m trying to get rid of Evernote, too anoying too often, i’ll start to document non-private-stuff here.

ronald@Azure:~$ COSMOS_DB_MASTERKEY=$(az cosmosdb keys list \
>   --resource-group RGTEST \
>   --name $COSMOS_DB_NAME \
>   --query primaryMasterKey \
>   --output tsv)
ronald@Azure:~$ echo $COSMOS_DB_MASTERKEY
nVcsc0lq5troD9XgUl5RRONXUpaxX0pkK06qmDItkvXAUrRONyJHaasial3G8dajcc6tn6Y12i2D29tKP99CUw==

Disclaimer

Since i’m trying to get rid of Evernote, too anoying too often, i’ll start to document non-private-stuff here.

vSphere vCenter – PowerShell: reliable Connection

From time to time the first try to connect to a vCenter-Server fails, building a simple loop to allow a limited number of retries fixes this possible issue.

$vSphereServer = "vcsa.local"
$vSphereUser = "administrator@vsphere.local"
$vSpherePassword = "********"

$result = @{}

$retries = 6
$viConnection = $null
#
while ($viConnection -eq $null) {
    # My-Logger 'Connecting to Management vCenter Server $vSphereServer ...'
    #
    $error.clear()
    $viConnection = Connect-VIServer $vSphereServer -User $vSphereUser -Password $vSpherePassword -WarningAction SilentlyContinue
    #
    if ($viConnection -eq $null) {
        $retries = $retries - 1
        if ($retries -eq 0) {
            throw ("Connecting to vCenter ($vSphereServer) failed ($vSphereUser): $error")
        }
        Start-Sleep -s 10
    }
}
$result.viConnection = $viConnection

Disclaimer

Since i’m trying to get rid of Evernote, too anoying too often, i’ll start to document non-private-stuff here.