I have been running DuoAuthProxy successfully in Windows with service_account_password_protected in autproxy.cfg
Now I have migrated DuoAuthProxy to Linux and then service_account_password_protected does not seem to work. If I change it to service_account_password and password in clear text it works.
Is service_account_password_protected not supported in Linux?
Hi Tonny,
service_account_password_protected is indeed not supported when running the Duo Authentication Proxy on Linux as we do not have a Linux version of the authproxy_passwd.exe program. Even if you had copied the configuration to a different Windows machine, it still would not work:
The encrypted password or secret is specific to the server where it was generated, and will not work if copied to a different machine. If you have multiple Authentication Proxy servers, be sure to run authproxy_passwd.exe separately on each one.
You can read more about encrypting passwords in the Authentication Proxy Reference Guide here: https://duo.com/docs/authproxy_reference#encrypting-passwords
Here’s an article with some recommendations for protecting the Authentication Proxy config file on Linux (in the absence of a built-in tool for encrypting the secret and password strings):