Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2834
Views
1
Helpful
3
Replies

Protected password DuoAuthProxy in Linux

Go to solution
Tonny_Andersson
Level 1
Level 1

‎03-26-2018 04:27 AM

I have been running DuoAuthProxy successfully in Windows with service_account_password_protected in autproxy.cfg

Now I have migrated DuoAuthProxy to Linux and then service_account_password_protected does not seem to work. If I change it to service_account_password and password in clear text it works.

Is service_account_password_protected not supported in Linux?

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Dooley
Level 3
Level 3

‎03-26-2018 07:15 AM

Hi Tonny,
service_account_password_protected is indeed not supported when running the Duo Authentication Proxy on Linux as we do not have a Linux version of the authproxy_passwd.exe program. Even if you had copied the configuration to a different Windows machine, it still would not work:

The encrypted password or secret is specific to the server where it was generated, and will not work if copied to a different machine. If you have multiple Authentication Proxy servers, be sure to run authproxy_passwd.exe separately on each one.

You can read more about encrypting passwords in the Authentication Proxy Reference Guide here: https://duo.com/docs/authproxy_reference#encrypting-passwords

View solution in original post

0 Helpful
3 Replies 3

Go to solution
Dooley
Level 3
Level 3

‎03-26-2018 07:15 AM

Hi Tonny,
service_account_password_protected is indeed not supported when running the Duo Authentication Proxy on Linux as we do not have a Linux version of the authproxy_passwd.exe program. Even if you had copied the configuration to a different Windows machine, it still would not work:

The encrypted password or secret is specific to the server where it was generated, and will not work if copied to a different machine. If you have multiple Authentication Proxy servers, be sure to run authproxy_passwd.exe separately on each one.

You can read more about encrypting passwords in the Authentication Proxy Reference Guide here: https://duo.com/docs/authproxy_reference#encrypting-passwords

0 Helpful

Go to solution
DuoKristina
Cisco Employee
Cisco Employee

‎03-26-2018 08:23 AM

@Tonny_Andersson

Here’s an article with some recommendations for protecting the Authentication Proxy config file on Linux (in the absence of a built-in tool for encrypting the secret and password strings):

https://help.duo.com/s/article/3886

Duo, not DUO.

Go to solution
Tonny_Andersson
Level 1
Level 1

‎03-26-2018 12:36 PM

Thank you very much for sorting this out for me!

0 Helpful
Quick Links
     
                  Duo Release Notes   Duo Discussion Forums      
 
 
Customers Also Viewed These Support Documents