Gitlab update, 2FA now mandatory
Andrius Štikonas
stikonas at kde.org
Tue Oct 25 00:58:00 BST 2022
2022 m. spalio 24 d., pirmadienis 00:16:30 BST Jack rašė:
> On 2022.10.23 02:32, Ben Cooksley wrote:
> > Hi all,
> >
> > This afternoon I updated invent.kde.org to the latest version of
> > Gitlab,
> > 15.5.
> > Release notes for this can be found at
> > https://about.gitlab.com/releases/2022/10/22/gitlab-15-5-released/
> >
> > There isn't much notable feature wise in this release, however there
> > have
> > been some bug fixes surrounding the "Rebase without Pipeline"
> > functionality that was introduced in an earlier update.
> >
> > As part of securing Invent against recently detected suspicious
> > activity I
> > have also enabled Mandatory 2FA, which Gitlab will ask you to
> > configure
> > next time you access it. This can be done using either a Webauthn
> > token
> > (such as a Yubikey) or TOTP (using the app of choice on your phone)
> >
> > Should you lose access to your 2FA device you can obtain a recovery
> > token
> > to log back in via SSH, see
> > https://docs.gitlab.com/ee/user/profile/account/two_factor_authentication.html#generate-new-recovery-codes-using-ssh
> > for more details on this.
> >
> > Please let us know if there are any queries on the above.
> >
> > Thanks,
> > Ben
> Sorry to be dense, but without a webauthn token device, it seems I'm at
> a total block if I don't have a phone (or don't have it with me.) Is
> that correct, or is there some fine manual I need to read?
>
> Thanks.
>
> Jack
>
Hi,
You can actually made webauthn token device yourself if you are willing to do a bit of work.
You can buy a couple of ST-Link V2 debuggers for a few euros, use one of them to reflash another
with U2F firmware (e.g. https://github.com/gl-sergei/u2f-token) and then register it in Gitlab.
Kind regards,
Andrius
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 228 bytes
Desc: This is a digitally signed message part.
URL: <http://mail.kde.org/pipermail/kde-community/attachments/20221025/d6df12af/attachment.sig>
More information about the kde-community
mailing list