Installing Duo Security on Ubuntu 12.04

Duo Security offer a free two factor authentication (limited to 10 users), which I have found very useful to secure servers.

First install the compiling software

sudo apt-get install build-essential automake checkinstall libssl-dev libpam-dev

Visit to download the latest version of of install, and use wget to dowload it.

sudo wget

Extract the file

tar zxf duo_unix-latest.tar.gz

Now you need to compile the installation

cd duo_unix-1.9
sudo ./configure --prefix=/usr && sudo make && sudo make install

You now need to register your server with Duo.  To do this logon to the Duo Security Dashboard and add a new registration, copy the details into the following file:

sudo nano /etc/duo/login_duo.conf
; Duo integration key
; Duo secret key
; Duo API hostname

Now you need to test by running the following.  If this is your first time setting this up, you will be given an enrolment URL link to follow:


There are a number of ways to use Duo Security to authenticate you.  I prefer to do this on a user by user basis.  So I add the following at the start of the ~/.ssh/authorized_keys file.  This SSH to authenticate me using both certificate and Duo together.


If you want to enable it for all users, the you can add the following to the bottom of the /etc/ssh/sshd_config file:


and the restart the ssh service:

sudo service ssh restart