Duo hardware token


#1

Is it possible to use hardware token for linux ssh logins, for RD gateways and for AWS services ?


#2

Hey there @onkar.ambekar,

Linux SSH logins currently support using a hardware token for logging in already! When you’re prompted for selecting an option, instead of picking Phone or Push you can actually enter in your OTP right there unless the factor has been restricted by the administrator for that application.

RDGateway, unfortunately, can only accept auto-push or auto-call if push isn’t enabled on the device, this is because RDGateway does not provide a way to display an interactive screen to the users.

When you say AWS services do you mean AWS with the Duo Access Gateway or another way of logging into AWS with Duo?

Thanks,

Jamie


#3

Hey Jamie
Thanks for your response.

  1. Actually we want to enable 2FA with hardware token for AWS console.
    Do you have any doc or any info for same ?

  2. For Linux ssh logins with hardware tokens process is same as per mentioned in the below link, right ?
    https://duo.com/docs/duounix

Instead of selecting authentication method we have to enter OTP from hardware token while login through ssh, right ?

Thanks,
Onkar


#4

Hey @onkar.ambekar,

  1. The only way to protect the AWS console with the Duo service at the moment is using the Duo Access Gateway through SAML. This will show you the Duo Prompt which will let you type in hardware tokens.

  2. Yes, you can just type the hardware token code into the field when prompted to select the option for push or text.


#5

Thank you for your help