Installs Duo Unix 2-factor authentication. Currently tested (barely) on Debian 7.0 x32, Ubuntu 12.04 x32 Server, Ubuntu 12.10 x32 Server
Where available this cookbook installs from Duo Security's pre built apt repository on Ubuntu/Debian. Otherwise it will build from source.
Using the OpenSSH cookbook to manage ssh configuration means that only the sshd attributes defined in this cookbook or elsewhere will will end up in sshd_config. This can cause unexpected behaviour.
This cookbook uses Test Kitchen to run ServerSpec tests.
- Opscode OpenSSH cookbook
- Debian/Ubuntu
See the Duo Unix documentation for details on required attributes, and see attributes/default.rb for set defaults.
Minimum requirements for this recipe are:
node['duo_unix']['conf']['integration_key']- Your Duo Unix integration keynode['duo_unix']['conf']['secret_key']- Your Duo Unix integration secret keynode['duo_unix']['conf']['api_hostname']- Your Duo Unix integration api hostname
To force the recipe to build from source set:
node['duo_unix']['from_source'] = true
Complete the 'first steps' as described in the Duo Unix documentation.
{ "run_list":[
"recipe[duo_unix]"
],
"duo_unix": {
"conf" :{
"integration_key" : "YOUR_INTEGRATION_KEY",
"secret_key" : "YOUR_SECRET_KEY",
"api_hostname" : "YOUR_API_HOSTNAME"
}
}
}
- Support PAM configuration.
- More testing.
- Author:: Hung Truong ([email protected])
Copyright:: 2013 Hung Truong
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.