Amazon2023 Image Support

Maharshi · ‎08-21-2023

Hi Team,

Does Duo_Unix support the Amazon 2023 Machine Image? We've observed compatibility issues between OpenSSL 1.x and OpenSSL 3.x, with no backward compatibility between them. Which version of Duo_Unix should be used for the Amazon 2023 image on an EC2 instance?

DuoKristina · ‎08-24-2023

The latest version of Duo Unix should be fine with OpenSSL 3. I don't think we've specifically tested that release on Amazon Linux 2023 though.

Duo, not DUO.

Maharshi · ‎08-25-2023

I'm encountering an error with login_duo. Here's the error message:

login_duo: error while loading shared libraries: libssl.so.10: cannot open shared object file: No such file or directory
However, I've noticed that /lib64 has different versions of libssl and libcrypto.
lrwxrwxrwx. 1 root root 15 Jun 8 01:51 libssl.so -> libssl.so.3.0.8
lrwxrwxrwx. 1 root root 15 Jun 8 01:51 libssl.so.3 -> libssl.so.3.0.8
-rwxr-xr-x. 1 root root 689368 Jun 8 01:51 libssl.so.3.0.8
-rwxr-xr-x. 1 root root 435064 Mar 3 16:37 libssl3.so

DuoKristina · ‎08-29-2023

Did you build this from source? Which OpenSSL is sshd using? Run ldd $(which sshd) and see if libcrypto is 1 or 3.

Duo, not DUO.

DuoKristina · ‎08-31-2023

I think you might also have posted this as an issue in our duosecurity/duo_unix GitHub repository as well?

If so, please build login_duo from source instead of trying to use the Fedora package.

If you aren't the same person, the advice to build from source on Amazon Linux still applies.

Duo, not DUO.