Suddenly Duo stopped working - SOLVED


#1

I installed duo to a bunch of new unix systems the other night and now I am discovering that all of them are failing to let me in. I’m currently experimenting with login_duo (yes I know I should switch to pam, avoid that for now) and it appears SSH let’s me in and then the call to /usr/sbin/login_duo does nothing. If I manually run login_duo from the command line it returns nothing.

How do I figure what’s failing here? It was all working the other day. In fact, a server I setup 3 YEARS ago is suddenly not working either. I’m having a hard time finding anything in any logs to show me what to look at.


#2

Welp, solved my own problem just after posting this (as usual)

I finally found -d on login_duo and it reported one simple message: “Your account has been locked out due to excessive authentication failures. Please contact your administrator.”

How was it this difficult to actually be told my account was locked. Not a single notification anywhere.


#3

The Duo account owner can specify whether to send notifications to administrators about user lockouts. You can see how to configure this here.

We’ll examine returning information about account lockout in the prompt without using the debug flag.

Thanks for using Duo!