ubuntu 23.10
I can access my employer’s local network if I authenticate with a 2fa. They suggest proprietary software, but aegis authenticator (found in fdroid) works fine.
The thing is, the phone’s screen is too small and it’s very cumbersome to navigate the screen and to click. It’s so bad I don’t want to use it, because fonts are so small you cannot read anything. It’s like they didn’t even try to optimize the local network for devices.
However, if I could emulate this app on an ubuntu based computer, I’d use it. Can it be done?
I don't understand the scenario here. Typically, you only need the TOTP (time-based one-time password) from your 2FA app, enter it on your computer, and you can use the computer to access your resources. The app itself is actually not even supposed to be on the same device, as an added layer of security.
It sounds like you need 2FA to run your company's VPN (is that correct?). On your computer, you would launch the VPN, it'll ask you for the TOTP (which you get from Aegis on your phone), and then you're logged in and able to access company resources (on your computer).
https://github.com/marcopaganini/termotp is a CLI authenticator program with fuzzy find capabilities explicitly designed to work with Aegis export files.
Copy the totp seed from aegis and use something like keepassxc to generate the codes
my method for running Android apps on my distro is to run an Android 9.0-r2 VM on QEMU/KVM via virt-manager
maybe this might work for you?
here's a guide I found for setting up Virt-manager on Ubuntu
and here's a vid for setting up Android x86 on Virt-manager
- not sure if this is the exact same vid I used but it should suffice
hope this works/fits your use case!
There's nothing special, it can be replaced with any TOTP/HOTP implementation. In particular,
oathtoolis supplied in most distros (it has only command line interface, probably there are also some GUI tools in your repos). However it does not support JSON key format that is provided as QR code for mobile 2FA apps. You have to copy and paste values from it manually.However this will likely violate your employer's security policy. The point of 2FA is that secret key is stored on a separate device, so that it cannot be stealed together with your password.
I recommend to try other Android apps on your phone. I use FreeOTP+ and have no problems with font readability. Some of my collegues use AndOTP and like it.
I used to use KDE's Keysmith until I put all my OTP codes into bitwarden
Firefox has 2FA extensions. Just remember that if both your authentications are on one device, you're not getting a huge security boost.
Just to add to the QEMU/KVM comment: you can also run an android emulator. The install process is a bit annoying (and contains too many "trust me bro" downloads from Google servers), but it is simple enough and you should be done in around 2h, modulo your uplink.
And at that point, using scrcpy actually helps with the keyboard input.
