January 2017

How to install DUO Security with Ubuntu 16.04 LTS

2017-01-23T11:38:21+00:00 January 19th, 2017|Linux, Security, Ubuntu|

install ssh (if its not installed)- go to

cd /etc/apt/sources.list.d/

create file in /etc/apt/sources.list.d/

sudo nano duosecurity.list

edit file and add this

deb http://pkg.duosecurity.com/Ubuntu xenial main

exit and install curl

sudo apt-get install curl

download duosecurity key and add to system

curl -s https://duo.com/APT-GPG-KEY-DUO | sudo apt-key add –

update apt

sudo apt-get update

install duo-unix

sudo apt-get install duo-unix

add key’s to /etc/duo/pam_duo.conf (Integration, Secret, API hostname) from duo website

sudo nano /etc/duo/pam_duo.conf

edit common-auth

sudo nano /etc/pam.d/common-auth

add to file at the bottom /etc/pam.d/common-auth (make sure there are no duplicates)

auth requisite pam_unix.so nullok_secure
auth [success=1 default=ignore] /lib64/security/pam_duo.so
auth requisite pam_deny.so
auth required pam_permit.so
auth optional pam_cap.so

edit /etc/ssh/sshd_config add

sudo nano /etc/ssh/sshd_config

add

ChallengeResponseAuthentication yes
UsePAM yes
UseDNS no

if use public key add

PubkeyAuthentication yes
PasswordAuthentication yes
AuthenticationMethods publickey,keyboard-interactive

need to make some changes in the pam.d/sshd config

sudo nano /etc/pam.d/sshd

You need to comment out and add the following lines

#@include common-auth
auth [success=1 default=ignore] /lib64/security/pam_duo.so
auth requisite pam_deny.so
auth required pam_permit.so
auth optional pam_cap.so

Load More Posts