So you've got your Yubico Authenticator app and willing to convert your OATH TOTP keys into it.
Before you start, I want to mention that I really do not recommend doing it the following way as this might leak your OATH OTP keys!
You should instead re-seed your OTP 2FA keys directly at their source you have initially gotten them.
But if you are a lazy ass or just wondering how this can be done, continue reading.
1. Install the prerequisites
sudo apt-get -y install jq feh qrencode
2. Get your keys from andOTP app
Export your andOTP backup in json format.
$ gpg -qd otp_accounts_2021-01-20_19-39-37.json.gpg.pgp | jq -r '.' > SENS
3. Scan them with Yubico Authenticator
The following one-liner is going to present you with the QR images which you will scan using your Yubico Authenticator app.
$ c=0; n=$(cat SENS | jq -r '. | length'); while [ $c -lt $n ]; do echo "Processing $c OATH OTP ..."; cat SENS | jq --arg c "$c" -r '.[$c | tonumber] | "otpauth://totp/" + (.label | @uri) + "?secret=" + .secret + ( if (.issuer == "" or .issuer == null) then "" else ("&issuer=" + (.issuer|@uri)) end) + "&algorithm=" + .algorithm + "&digits=" + (.digits | tostring) + "&period=" + (.period | tostring)' | tr -d '\n' | qrencode -o - | feh -; let c=c+1; done
Don't forget to shred your sensitive OATH TOTP keys after you've done!
$ shred -uvz SENS
If you followed this process, I still strongly encourage you to re-seed your OATH OTP keys directly at their source you've initially obtained them.