npm-login-yubikey

Login to NPM, semi or fully automated, headless, scripted, non-interactive with a YubiCo YubiKey for 2FA (two factor authentication)

Project goals

No dependencies
Small, simple, easy to audit, yourself

Inspired by my previous project

Original version: https://www.npmjs.com/package/npm-automated-login-totp

Paranoid version: https://www.npmjs.com/package/npm-login-yubikey < You are here

Read that readme before using this.

Installation - 2 minute setup

Example username is: bob

npm install -g npm-login-yubikey
Install yubikey-manager aka ykman

Debian/Ubuntu/PopOS apt install yubikey-manager

Fedora/Redhat yum install yubikey-manager

In Python: pip install --user yubikey-manager

Windows choco install yubikey-manager

Mac brew install ykman

Enable 2FA on your NPM account

(on a secure computer with YubiKey plugged in)

Open your NPMjs.com profile page

https://www.npmjs.com/settings/bob/profile > Two-Factor Authentication

Click the link that says "Can't scan and need to type in the text code? Click here."

Let's pretend it says Your two-factor secret is: FOOBAR

Save your secret as 'npm' into your YubiKey

(leave out --touch if you want fully-automated, instead of semi-automated)

ykman oath accounts add --touch npm FOOBAR

Set environment variables for when you run npm-login-yubikey

On Linux, you could add this to your ~/.profile or ~/.bashrc On Windows/Mac, figure it out then please PR this Readme.
export NPM_USER='bob'
export NPM_PASS='best-password-ever'
export NPM_EMAIL='bob@email.com'
export NPM_OTPNAME='npm'

Close and reopen terminal
Run npm-login-yubikey

You should see: Logged in as bob on https://registry.npmjs.org/

Notes

Tested with YubiKey 5 Nano
We call the TOTP key 'npm' but you can call it whatever you like.

Provide 1 or more additional login options - optional

export NPM_EXTRA0='--registry=https://foo.com'
export NPM_EXTRA1='--scope=@orgname'
# ...
export NPM_EXTRA9='--future=proof'

Have fun!

Say thanks

Star the repo https://github.com/softwarecreations/npm-login-yubikey

Get notified of significant project changes

Subscribe to this issue https://github.com/softwarecreations/npm-login-yubikey/issues/1

PR's or issues

Welcome

License

MIT

npm-login-yubikey

npm-login-yubikey

Project goals

Installation - 2 minute setup

Notes

Provide 1 or more additional login options - optional

Say thanks

Get notified of significant project changes

PR's or issues

License

Readme

Keywords

Package Sidebar

Install

Repository

Homepage

Weekly Downloads

Version

License

Unpacked Size

Total Files

Last publish

Collaborators

npm-login-yubikey

npm-login-yubikey

Project goals

Installation - 2 minute setup

Notes

Provide 1 or more additional login options - optional

Say thanks

Get notified of significant project changes

PR's or issues

License

Readme

Keywords

Package Sidebar

Install

Repository

Homepage

DownloadsWeekly Downloads

Version

License

Unpacked Size

Total Files

Last publish

Collaborators

Weekly Downloads