converting andOTP OATH TOTP keys to Yubico Authenticator app

Converting andOTP OATH TOTP keys to Yubico Authenticator app using one-liner in Linux

converting andOTP OATH TOTP keys to Yubico Authenticator app

So you've got your Yubico Authenticator app and willing to convert your OATH TOTP keys into it.

Before you start, I want to mention that I really do not recommend doing it the following way as this might leak your OATH OTP keys!
You should instead re-seed your OTP 2FA keys directly at their source you have initially gotten them.

But if you are a lazy ass or just wondering how this can be done, continue reading.

1. Install the prerequisites

sudo apt-get -y install jq feh qrencode

2. Get your keys from andOTP app

Export your andOTP backup in json format.

$ gpg -qd otp_accounts_2021-01-20_19-39-37.json.gpg.pgp | jq -r '.'  > SENS

3. Scan them with Yubico Authenticator

The following one-liner is going to present you with the QR images which you will scan using your Yubico Authenticator app.

$ c=0; n=$(cat SENS | jq -r '. | length'); while [ $c -lt $n ]; do echo "Processing $c OATH OTP ..."; cat SENS | jq --arg c "$c" -r '.[$c | tonumber] | "otpauth://totp/" + (.label | @uri) + "?secret=" + .secret + ( if (.issuer == ""  or .issuer == null) then "" else ("&issuer=" + (.issuer|@uri)) end) + "&algorithm=" + .algorithm + "&digits=" + (.digits | tostring) + "&period=" + (.period | tostring)' | tr -d '\n' | qrencode -o - | feh -; let c=c+1; done

Don't forget to shred your sensitive OATH TOTP keys after you've done!

$ shred -uvz SENS

If you followed this process, I still strongly encourage you to re-seed your OATH OTP keys directly at their source you've initially obtained them.