12-08-2017 12:21 PM
I’ve configured the Duo Auth Proxy on a Ubuntu 16.04 box. It is acting as a radius server, verifying against my AD schema. Logins to the console work flawlessly after some general modifications to the pam.d/login file. Where I’m experiencing issues is with ssh.
When logging in with a valid user (specified by the authconfig settings), I do get prompted by Duo, but my response time is less than 5 seconds in many cases. By the time the Duo app prompts me, ssh has already failed login and prompts me to re-enter my password.
So far, this is the only thing holding me back from a 100% successful Linux implementation.
Thank you,
Larry
08-29-2018 03:48 PM
Can’t answer your completely, but we have implemented sssd and pam_duo, and it works fine for SSH. In fact, it will work for local accounts as well as sssd (AD) accounts - we use it for our external database-support NOC, who can ssh in and have Duo call one of 2 NOC phone numbers. Only tricky part there was pam and supporting local (console) login… but we figured our way through that.
Can you turn up the logging on sshd_config (DEBUG) and see what it is doing?
02-20-2023 09:47 PM
Im facing the same issue… were you able to solve this?
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: