Forrest logo
tool overview
On this page you find all important commands for the CLI tool oathtool. If the command you are looking for is missing please ask our AI.


Oathtool is a command line tool used to generate and validate one-time passwords (OTPs) for time-based one-time password (TOTP) and HMAC-based one-time password (HOTP) algorithms.

It is a part of the OATH Toolkit, an open-source initiative aimed at developing tools and libraries for building OTP-based authentication systems.

Oathtool supports various authentication algorithms, including TOTP (time-based) and HOTP (counter-based), which are commonly used in two-factor authentication (2FA) systems.

With oathtool, you can generate OTPs by providing a secret key and a counter or timestamp. This makes it useful for integrating OTP generation into custom scripts or applications.

In addition to OTP generation, oathtool can also validate OTPs by comparing them against a provided secret key. This helps in verifying if the entered OTP is valid or not.

The tool supports different output formats, such as decimal, hexadecimal, and base32, making it flexible for different use cases.

Oathtool is available for various operating systems, including Linux, macOS, and Windows, allowing users to generate and validate OTPs on different platforms.

It can handle multiple secrets at once, allowing for batch generation or validation of OTPs.

Oathtool is extensively documented, with comprehensive man pages and examples, making it easy for users to understand and utilize its features.

Overall, oathtool provides a powerful and flexible command line interface for working with OTPs, making it a valuable tool for anyone implementing or working with two-factor authentication systems.

List of commands for oathtool:

  • oathtool:tldr:5eb7d oathtool: Generate a TOTP token for a specific time.
    $ oathtool --totp --now "${2004-02-29 16:21:42}" --base32 "${secret}"
    try on your machine
    explain this command
  • oathtool:tldr:84293 oathtool: Validate a TOTP token.
    $ oathtool --totp --base32 "${secret}" "${token}"
    try on your machine
    explain this command
  • oathtool:tldr:f7795 oathtool: Generate TOTP token (behaves like Google Authenticator).
    $ oathtool --totp --base32 "${secret}"
    try on your machine
    explain this command
tool overview