You are not logged in.

#1 2024-11-17 21:25:29

graysky
Wiki Maintainer
From: :wq
Registered: 2008-12-01
Posts: 10,719
Website

Regenerate 2FA for Arch Linux gitlab

I replaced my mobile with a new one and need to register lastpass with Arch Linux SSO for use with the gitlab bug tracker.  Is there a link detailing the steps to setup my account within a 2FA app such as lastpass?  I did not see anything on the wiki nor via ddg searching.

Last edited by graysky (2024-11-17 21:25:57)

Offline

#2 2024-11-17 21:59:51

progandy
Member
Registered: 2012-05-17
Posts: 5,286

Re: Regenerate 2FA for Arch Linux gitlab

It is a standard keycloak instance with TOTP.

You should be able to add authenticator apps here:
https://accounts.archlinux.org/realms/a … signing-in

First, you need to sign in with your password and your old otp, then follow the steps displayed on the page.

Mobile Authenticator Setup

Warning: For security reasons, we may not be able to restore access to accounts with two-factor authentication enabled if you lose your two-factor authentication credentials. For this reason, it is highly recommended that you backup your credentials.

    Install one of the following applications on your mobile:
        Android
            Aegis
            andOTP
            FreeOTP+
        iOS
            Authy
            LastPass Authenticator
            OTP Auth
        PC
        Having the second factor on the same device reduces the security it provides
            Wiki Article

    Open the application and scan the barcode:
    Figure: Barcode

    Unable to scan?

    Enter the one-time code provided by the application and click Submit to finish the setup.

    Provide a Device Name to help you manage your OTP devices.


| alias CUTF='LANG=en_XX.UTF-8@POSIX ' |

Offline

#3 2024-11-17 22:08:32

graysky
Wiki Maintainer
From: :wq
Registered: 2008-12-01
Posts: 10,719
Website

Re: Regenerate 2FA for Arch Linux gitlab

Thanks for the reply.  The issue is that none of my profiles got migrated to the new mobile so I have no OTP generating by LastPass Authenticator.

Offline

#4 2024-11-17 22:23:03

seth
Member
From: Don't DM me only for attention
Registered: 2012-09-03
Posts: 69,439

Re: Regenerate 2FA for Arch Linux gitlab

Did you backup the TOTP token somewhere else? Do you still have the old phone? Or maybe a screenshot of the QR code gitlab holds into your face?

Otherwise you'll need admin intervention, you can send a mail "My dog ate my TOTP device" to "accountsupport æt archlinux døt org"

Online

#5 2024-11-17 23:25:17

graysky
Wiki Maintainer
From: :wq
Registered: 2008-12-01
Posts: 10,719
Website

Re: Regenerate 2FA for Arch Linux gitlab

Thanks Seth.  No, I haven't needed that app for a few months now and the old phone is long gone.

Offline

#6 2024-11-17 23:35:08

seth
Member
From: Don't DM me only for attention
Registered: 2012-09-03
Posts: 69,439

Re: Regenerate 2FA for Arch Linux gitlab

Keep a backup of the QR code or qrdecode it and backup the string, https://bbs.archlinux.org/viewtopic.php … 6#p2175636

TOTP is just a symmetric key (yes, the thing everyone freaks out about "they stored the passwords and not just hashes???") that's then hashed w/ a time bracket so you only have to enter a short number - all of which is insanely dumb, so it's hidden behind QR codes and apps and whatnot roll because if people would see what it actually is, they'd all be slapping their faces naked gun style…

Online

Board footer

Powered by FluxBB