Well, #MovingToGitlab is still a no-go unless they implement #U2F *without* requiring me to use the Google Authenticator app. I don't have a smartphone and don't feel like digging around for a compatible app for my desktop.
Not supporting SMS is fine, even ideal. But GitHub supports the use of recovery codes as an alternative, and that's I think what GitLab should do as well.
@swedneck Ah good, can you recommend a command line one that works on Debian? (Or I can look around; that's something I need to find for other reasons anyway.)
Their 2FA page just talks about Google Authenticator, which is why I gave up so fast.
@varx I can only recommend the andOTP app on F-Droid, as i don't use commandline (nor debian) myself. And yeah it's really weird that almost all sites mention google authenticator, and *nothing* else..
@varx If you use pass(1), there's a plugin for that: https://github.com/tadfisher/pass-otp#readme
Sometimes I just use the Ruby OTP library if I need a one-off.
@varx I now use OTP Client for this https://github.com/paolostivanin/OTPClient
@varx I'm a bit late, but Google Authenticator is based on RFC 6238 and there are many supported clients. I use andOTP on my Android phone which is perfectly compatible: https://f-droid.org/packages/org.shadowice.flocke.andotp/
There are many other options.
@alexgleason Ah, good to hear. I might poke them about actually saying something like "an OTP app such as Google Authenticator".
@varx You can use OTP just fine with desktop OTP programs, there are even command line ones. Gitlab also has recovery codes that you can use, you can even generate new ones via ssh if you have a valid ssh key for your account.