NOTICE: This method has been superseded by this method because it is simpler and works for sites the old method doesn't.

I found a way to get Google Authenticator functionality on my N900.

What it is

Google Authenticator is a software based two-step authentication token. It provides a six digit number you can provide in addition to your username and password to log in to supported websites and services, such as your Google account, LastPass, Dropbox, and SSH.

Some people use Google's SMS verification to receive their codes, but this isn't available for 3rd party services, and requires connectivity with a cellular network. Google Authenticator is offline, and compatible with several other sites and applications.

Unfortunately, Google Authenticator service was not available for Fremantle, until now.

How to get it

I'm documenting what I did to get it to work on my phone. If this is relevant to you, let me know, and I may package it up neat. I tested this on the N900, but it should work on any Fremantle with little effort. Harmattan users may be interested in the modified source code for the bug fix, but you may have trouble running the non-packaged code (see Troubleshooting). It's possible I left some steps out.

1. Download and install the GAuth package for Harmattan from https://github.com/jkingok/harmattan-pygauth/downloads.
$ wget https://github.com/downloads/jkingok..._1.6_armel.deb
$ dpkg -i pygauth_1.6_armel.deb

2. Modify pygauth source code to either (a) fix translate calls, or (b) remove translate calls (and be careful how you input fields later on).
You can accomplish the former by replacing /opt/pygauth/bin/pygauth with the file attached to this post (decompress it first).

3. Begin the two-step authentication setup on the website you choose, and scan the QR code with your phone.

4. Copy the URL provided, paste it into the following command line, and run it:
$ python /opt/pygauth/bin/pygauth <URL>
You should see GAuth load and start displaying 6 digit verification codes that change regularly.

5. Enter the verification code into the service to make sure it works properly. If not, you may have syncing issues. See Troubleshooting below.

I haven't tested this process on all websites and services. You may have to adapt it to suit your needs.

Troubleshooting

• Incorrect Verification

If you see the verification codes, but they aren't working when you enter them, your phone's time is probably out of sync with the service you're verifying to. GAuth codes are time based and expire quickly. Make sure your phone is set as accurately as possible to the correct time.

• Harmattan Users

Harmattan users might be interested in the modified script to fix a possible bug in your official package; however, it may not run due to your package protection features. Please, seek support in the Harmattan community for this until your official package is updated.

Feel free to report any other bugs you find.

There's also this, which I've been using for a while with no problem: https://github.com/neush/otpn900

There's also https://github.com/neush/otpn900, which I have been using for quite a while without any problems.

I am unable to get dovf's method to auth for 3rd party sites using the instructions provided (to the tee). It is producing incorrect validation codes.

What is the status of this?


Is this the best option right now for Google Authenticatoring on the N900?

I've gotten it to work on some sites. Others seem to be using longer keys and GAuth isn't working.

When I first started using otpn900, I had a problem which turned out to be that I was converting to base32 incorrectly. As explained at [1], "the Base32 encoding scheme defined by RFC 4648 is not the same as base-32 mathematical notation (because the encoding avoids easy-to-confuse characters like I and O)". Once I performed the conversion correctly, it works well.

One way to perform this conversion on linux is using oathtool (this example uses the key in otpn900's google authenticator tutorial):

which produces the output
"Hex secret" is the input you need to give otpn900.

Hope this helps!


[1] http://zaitcev.livejournal.com/214579.html

Here is a simpler CLI solution that works even for the sites I tested:
http://talk.maemo.org/showthread.php?p=1348169