I largely followed Florin's blog post, but have a few notes to add regarding issues I encountered:
- I used a YubiKey 4, while the blog describes using a YubiKey NEO. I'm sure a YubiKey 5 would also work. I'm also running macOS 10.13.6.
- I installed GPGTools as recommended. However, as I'll note later, it seems that
gpg-agent
only automatically starts when gpg is used; for ssh, you'll need to ensure it's running. - Before generating your keys, decide what key size you want to use. If you run the
list
command insidegpg --edit-card
, look for theKey attributes
line to see what is currently selected. On my YubiKey 4, it defaulted to 2048 bits for all keys:
Key attributes ...: rsa2048 rsa2048 rsa2048
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
@startuml | |
skinparam handwritten true | |
"You/Browser" -> slack.com: 1. I would like to access my files on Google Drive via your interface. | |
slack.com -> "You/Browser": 2. You should apply the "Authorization Code" from Google for me first. | |
"You/Browser" -> account.google.com: 3. I would like to permit slack.com to access my files. | |
account.google.com -> "You/Browser": 4. Are you sure? | |
"You/Browser" -> account.google.com: 5. [Y] | |
account.google.com -> "You/Browser": 6. Okay. Here is the "Authorization Code." Plz give it back to slack.com now. | |
"You/Browser" -> slack.com: 7. You can do what I asked now (with the Authorization Code which is just received from Google.) | |
slack.com -> account.google.com: 8. I would like to exchange the "Authorization Code" for the "Access Token." |
Sometimes a python script will simply hang forever with no indication of where things went wrong. Perhaps it's polling a service that will never return a value that allows the program to move forward. Here's a way to see where the program is currently stuck.
Install gdb.
# Redhat, CentOS, etc
OlderNewer