5cd5f92f62bbc2f99bb9e064ea2ded4224717861
duo-ssh-faq.md
| ... | ... | @@ -4,24 +4,40 @@ |
| 4 | 4 | |
| 5 | 5 | You'll need to register your device with Duo to receive security codes, and can receive these codes by phone call, text message, or Duomobile app. |
| 6 | 6 | |
| 7 | -```bash |
|
| 7 | +``bash |
|
| 8 | 8 | ssh $username@duo-test.sbgrid.org |
| 9 | 9 | Password: [input password] |
| 10 | 10 | Please enroll at $url |
| 11 | -``` |
|
| 11 | +`` |
|
| 12 | 12 | |
| 13 | 13 | Copy the url into a web browser, and follow the prompts to register. |
| 14 | 14 | Please contact us at help@sbgrid.org if you encounter problems. |
| 15 | 15 | |
| 16 | 16 | ## Configuring Options in SSH configuration |
| 17 | 17 | |
| 18 | -Set `DUO_PASSCODE` environmental variable to `push` (Duo mobile app), `call` (SMS) or `phone` (phone call) in `~/.bashrc`, `~/.cshrc`, or `~/.zshrc`. |
|
| 18 | +The `DUO_PASSCODE` environmental variable can be used to configure the method duo will use for validation: `push` (Duo mobile app), `call` (phone call) or `sms` (SMS text method). |
|
| 19 | +This can be set on the remote side (for example, in `~/.bashrc` or `~/.cshrc` on `xtal2000.harvard.edu`): |
|
| 20 | + |
|
| 21 | +``bash |
|
| 22 | +# bashrc example |
|
| 23 | +export DUO_PASSCODE=push |
|
| 24 | +`` |
|
| 25 | + |
|
| 26 | +``csh |
|
| 27 | +# cshrc example |
|
| 28 | +setenv DUO_PASSCODE push |
|
| 29 | +`` |
|
| 30 | + |
|
| 31 | +Alternatively, this can be set locally by configuring `DUO_PROFILE` in `~/.bashrc`, `~/.cshrc` or `~/.zshrc` *and* by adding a `SendEnv` block to the local `~/.ssh/config`: |
|
| 19 | 32 | |
| 20 | -```bash |
|
| 33 | + |
|
| 34 | +``bash |
|
| 21 | 35 | Host duo_test |
| 22 | 36 | Hostname duo-test.sbgrid.org |
| 23 | 37 | SendEnv DUO_PASSCODE |
| 24 | -``` |
|
| 38 | +`` |
|
| 39 | + |
|
| 40 | +For non-interactive connections (`scp`, `rsync+ssh`), `push` or `call` must be used for `DUO_PUSH`, otherwise they will hang and timeout. |
|
| 25 | 41 | |
| 26 | 42 | ## Examples |
| 27 | 43 | |
| ... | ... | @@ -41,7 +57,9 @@ Passcode or option (1-3): 1 |
| 41 | 57 | |
| 42 | 58 | Pushed a login request to your device... |
| 43 | 59 | Success. Logging you in... |
| 44 | -```bash |
|
| 60 | +`` |
|
| 61 | + |
|
| 62 | +``bash |
|
| 45 | 63 | _________________________________________ |
| 46 | 64 | / Welcome to xtal200.harvard.edu user0. \ |
| 47 | 65 | \ You have landed on duo0-test. / |
| ... | ... | @@ -66,7 +84,7 @@ NOTE: |
| 66 | 84 | Email help@sbgrid.org for assistance, questions, or feedback. |
| 67 | 85 | |
| 68 | 86 | |
| 69 | -``` |
|
| 87 | +`` |
|
| 70 | 88 | |
| 71 | 89 | |
| 72 | 90 | ### scp/rsync/sftp |