We use RADIUS to authenticate SSH users on our network infrastructure. We are thinking about using 2FA to tighten things up and are looking at Duo.
We have installed Duo Radius proxy and configured the clients to authenticate with the proxy and then the proxy to use the RADIUS server and put our Duo . However when a client logs on, the proxy is passing the credentials to the radius and logging user in without 2FA from DUO
Radius server is = Freeradius
Duo config :-