Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1414
Views
0
Helpful
0
Replies

DUO with LDAP hosted public keys

LoquaciousSage
Level 1
Level 1

‎12-06-2017 10:13 AM

My setup is to use DUO with publickey authentication over SSH. The keys are stored in LDAP.

When following the documentation for setting up DUO with UNIX, I’m running into a problem. I’ve verified that DUO is working by commenting out my pam_ldap.so line in /etc/pam.d/sshd. When I remove that comment, authentication fails.

I believe I’ve tracked that down to the following in sshd_config:

```

AuthenticationMethods publickey,keyboard-interactive

With this config, the LDAP authentication fails, since it is expecting keyboard-interactive, which is not going to work with a key exchange.

I've changed that line to the following:

    AuthenticationMethods publickey publickey,keyboard-interactive

Now, the LDAP piece works, but I never get prompted to authenticate with DUO, which defeats the whole purpose.

Is there something I'm missing here?
Labels:
0 Helpful
0 Replies 0
Quick Links
     
                  Duo Release Notes   Duo Discussion Forums      
 
 
Customers Also Viewed These Support Documents