Pam_duo (duo unix) not working for local tty login

rchase · ‎11-27-2018

pam_duo recently stopped working for logging in via local tty console.
Following the system-wide instructions for duo unix here: Duo Unix - 2FA for SSH with PAM Support (pam_duo) | Duo Security
Multifactor works for gui login, but not tty console logins.

OS: Ubuntu 16.04.5 LTS
Package: duo-unix
Version: 1.11.0-0

(package installed via apt repository - http://pkg.duosecurity.com/Ubuntu xenial main)

rchase · ‎11-27-2018

Update:
I’ve found if I roll back to version 1.10.1-0 the problem no longer exists.
Perhaps a bug was introduced in later versions. I’m unsure if there is an open method of submitting bug reports for pam_duo or I would have followed that method.

For those who need to install a specific version of duo, the command is

sudo apt install duo-unix=
or in this case
sudo apt install duo-unix=1.10.1-0

Of course you need to remove the installed package before rolling back.

Xander_Desai · ‎11-28-2018

Hi! Thank you for reporting!
This is a known bug and we are actually planning on releasing the fix today.
Sorry you got burned by this. I’ll make sure to post back here when it goes live.

Thanks for using Duo!

Xander_Desai · ‎11-28-2018

1.11.1 has been released!
Please try it out when you get the chance. I’d love to make sure that it resolves your issue.

rchase · ‎11-29-2018

Hi. Yes, the latest package (1.11.1) fixes the issue.
Thank you.