2022 m. spalio 24 d., pirmadienis 00:16:30 BST Jack rašė: > On 2022.10.23 02:32, Ben Cooksley wrote: > > Hi all, > > > > This afternoon I updated invent.kde.org to the latest version of > > Gitlab, > > 15.5. > > Release notes for this can be found at > > https://about.gitlab.com/releases/2022/10/22/gitlab-15-5-released/ > > > > There isn't much notable feature wise in this release, however there > > have > > been some bug fixes surrounding the "Rebase without Pipeline" > > functionality that was introduced in an earlier update. > > > > As part of securing Invent against recently detected suspicious > > activity I > > have also enabled Mandatory 2FA, which Gitlab will ask you to > > configure > > next time you access it. This can be done using either a Webauthn > > token > > (such as a Yubikey) or TOTP (using the app of choice on your phone) > > > > Should you lose access to your 2FA device you can obtain a recovery > > token > > to log back in via SSH, see > > https://docs.gitlab.com/ee/user/profile/account/two_factor_authentication.html#generate-new-recovery-codes-using-ssh > > for more details on this. > > > > Please let us know if there are any queries on the above. > > > > Thanks, > > Ben > Sorry to be dense, but without a webauthn token device, it seems I'm at > a total block if I don't have a phone (or don't have it with me.) Is > that correct, or is there some fine manual I need to read? > > Thanks. > > Jack >
Hi, You can actually made webauthn token device yourself if you are willing to do a bit of work. You can buy a couple of ST-Link V2 debuggers for a few euros, use one of them to reflash another with U2F firmware (e.g. https://github.com/gl-sergei/u2f-token) and then register it in Gitlab. Kind regards, Andrius
signature.asc
Description: This is a digitally signed message part.