…
|
||
---|---|---|
.. | ||
DESCR | ||
PLIST | ||
README |
$OpenBSD: README,v 1.2 2014/09/09 06:02:09 ajacoutot Exp $ +----------------------------------------------------------------------- | Running ${FULLPKGNAME} on OpenBSD +----------------------------------------------------------------------- First steps =========== In order to use Duo Unix for two-factor authentication you have to first sign up for an account if you don't already have one. https://signup.duosecurity.com/ Then create a new UNIX Integration to get an integration key, secret key, and API hostname. (See: https://www.duosecurity.com/docs/getting_started) Once you have this information, edit ${SYSCONFDIR}/login_duo.conf to match your keys. Test login_duo ============== As a regular user, run ${PREFIX}/libexec/auth/login_duo. You should be provided with an enrollment link. Enroll your phone then run ${PREFIX}/libexec/auth/login_duo again. Once you provide a valid pass code you should get a SUCCESS message. Enable SSH two-factor authentication ==================================== To enable two-factor authentication add ForceCommand ${PREFIX}/libexec/auth/login_duo to your ${SYSCONFDIR}/ssh/sshd_config. Duo Security recommends disabling PermitTunnel and AllowTcpForwarding when using two-factor authentication. When finished, restart sshd.