First I can’t agree more with @iwalker , get the “Authy” app for 2FA (two-factor) it is far better than any other app I’ve tried and would have helped me if I had used it for this but now I have GitLab in Authy as well
Anyone that is stumbling across this post like I did and has a user token setup (with the correct permissions) you can try this below. This worked for me after a bit of trial and error of figuring it out
# Create a RSA key and save it to a location you prefer with a name that is helpful.
# In my example I save it as /Users/dkittell/repo/GitLabKittell
# ssh-keygen -t rsa
userToken="<user token>"; # Put in your valid user token
gitServer="https://gitlab.com" # If on public GitLab keep this otherwise change to your server address
sshName="GitLabKittell" # This will be the name of the SSH Key that will show in GitLab Web GUI
sshKey=$(cat /Users/dkittell/repo/GitLabKittell.pub) # Make sure to put in the full path of the key pub
# Run this curl command with all the above constants in terminal and it should create the key for you provided you have a valid user token
curl -X POST -F "private_token=${userToken}" -F "title=${sshName}" -F "key=${sshKey}" "${gitServer}/api/v4/user/keys"
# Run this command (change the pub key path and remove the .pub) to create new recovery codes.
# Note: it will prompt you with a yes/no response
ssh -i /Users/dkittell/repo/GitLabKittell git@gitlab.com 2fa_recovery_codes