I used the rpm package to install: duo_unix-1.11.3-0.el8.x86_64
if I log directly into the jump server it requires a push notification: ssh jumpserver
If I just try to jump through the jump server it doesn’t. this is the command I was using: ssh -J jumpserver remotehost
on remotehost, I can see jumpserver as the host I’m logging in with. on jumpserver I see the sshd processes for the connection, one of which is owned by me.
i’ve got to be missing something obvious but for the life of me I can’t figure it out.
this is in the base of my sshd_config
for duo login 2fa
this is my login_duo.conf file
; Duo integration key
ikey = removed
; Duo secret key
skey = removed
; Duo API host
host = removed
failmode = safeIn the event of errors with this configuration file or connection to the Duo service
; this mode will allow login without 2FA.
failmode = secureThis mode will deny access in the above cases. Misconfigurations with this setting
; enabled may result in you being locked out of your system.
failmode = secure
; Send command for Duo Push authentication
pushinfo = yes
autopush = yes
groups = duologin
send_gecos = yes
This is my .ssh/config file