Searching for New Authenticator in Linux to replace WinAuth
Now with WinAuth no longer working in Ubuntu because of missing mandatory dotnet installers from wine repository, I had to hunt for new application.
Ken Van-Dine created this Authenticator (https://snapcraft.io/authenticator) which can be easily installed using Snap. However it is still in Edge channel, means not yet stable. I tried to use it and unfortunately have to confirm it does not work in Ubuntu Fossa. Whenever we want to add new account, the submit button simply does nothing. Too bad. It actually has functionalities very similar with WinAuth. For me it is so secure because it is offline and can create offline encrypted backup.
Next alternative would be Twilio Authy (https://snapcraft.io/authy). This one is easy to install, easy to use and can synchronize your token data across laptops and smartphones. I have tested that, the sync was working although there is still minor bug. But my main concern is not that. The data, our token data, are backed up into Authy private cloud. Which means if it gets leaked or crossing our finger we don’t know what they can do with them — we will be screwed. I know that I sound a bit paranoid about this, but I prefer my sensitive data to not be stored online. Let me keep them offline at my house please, thank you.
Almost gave up searching the google — finally I found an Authenticator very similar with the one from snapcraft, but seems to be developed by different team and is available from different place. Flatpak. Even unlike the one in snapcraft, the release status is already stable at this point.
First of all we need to install flatpak:
sudo apt install flatpaksudo apt install gnome-software-plugin-flatpakflatpak remote-add --if-not-exists flathub https://flathub.org/repo/flathub.flatpakrepo
Then a system restart is required before continuing to next step.
Next, to install Authenticator from flatpak:
flatpak install flathub com.belmoussaoui.Authenticator
There you go, now the Authenticator app should be available in your desktop ready to use. To add new token you can enter it manually, or scan barcode from your usb webcam, or do a screenshot from desktop. Very neat!
Do not forget to lock the application with password, you can find the option under preferences:
Q: Where Authenticator stores its data ?
Under your home folder, in folder ~/.var/app/com.belmoussaoui.Authenticator)
You might want to move that folder into encrypted Veracrypt drive and create symlink back to your home, so that anybody trying to access your hard disk directly could not steal it. But in order to fully copy or move that folder, you may need to restart Ubuntu and don’t launch the Authenticator app, so that the library inside the folder won’t get locked by OS.
haries@thinkpad-x1:~ cd ./var/app/haries@thinkpad-x1:~ mkdir -p /vera/.var/appharies@thinkpad-x1:~ mv com.belmoussaoui.Authenticator /vera/.var/appharies@thinkpad-x1:~/.var/app$ ln -s /vera/.var/app/com.belmoussaoui.Authenticator/ com.belmoussaoui.Authenticator
Assuming your encrypted drive is mounted under /vera folder.
Thanks for reading! Cheers 🍻