Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
129
Views
0
Helpful
0
Replies

PAM duo SFTP

sysadm mac
Level 1
Level 1

‎04-20-2024 10:20 AM - edited ‎04-20-2024 10:31 AM

I'm trying to configure DUO on CentOS and following these steps:

1.- Modification /etc/duo/pam_duo.conf

[duo]
; Duo integration key
ikey = INTEGRATION_KEY
; Duo secret key
skey = SECRET_KEY
; Duo API hostname
host = API_HOSTNAME

2.- Update /etc/ssh/sshd_config

PubkeyAuthentication no
PasswordAuthentication no
UsePAM yes
ChallengeResponseAuthentication yes
UseDNS no
AuthenticationMethods keyboard-interactive

3.- update /etc/pam.d/sshd
#%PAM-1.0
#auth required pam_sepermit.so
#auth substack password-auth
auth required pam_env.so
auth requisite pam_unix.so nullok try_first_pass
auth sufficient /lib64/security/pam_duo.so
auth required pam_deny.so
auth include postlogin

4.- update /etc/pam.d/system-auth

auth required pam_env.so
auth required pam_faildelay.so delay=2000000
#auth sufficient pam_unix.so nullok try_first_pass
auth required pam_unix.so nullok try_first_pass
auth sufficient /lib64/security/pam_duo.so
auth requisite pam_succeed_if.so uid >= 1000 quiet_success
auth required pam_deny.so

SSH access works, but for SFTP (WinSCP, FileZilla) it doesn't prompt me for push or SMS.

How can I configure it?

0 Helpful
0 Replies 0
Quick Links
     
                  Duo Release Notes   Duo Discussion Forums      
 
 
Customers Also Viewed These Support Documents