• Home
  • History
  • Annotate
Name Date Size #Lines LOC

..03-May-2022-

autotools/H18-May-2020-24,52020,194

compat/H03-May-2022-1,324872

duo_unix_support/H03-May-2022-786656

lib/H03-May-2022-6,6205,175

login_duo/H03-May-2022-1,4441,263

pam_duo/H03-May-2022-1,5661,295

tests/H03-May-2022-11,7829,503

AUTHORSH A D18-May-2020486 2516

CHANGESH A D18-May-20205.4 KiB227132

CONTRIBUTING.mdH A D18-May-20202.2 KiB3926

LICENSEH A D18-May-202026.3 KiB540435

Makefile.amH A D18-May-2020444 2112

Makefile.inH A D03-May-202227.8 KiB883783

README.mdH A D18-May-20204.8 KiB155114

acconfig.hH A D18-May-2020413 2214

aclocal.m4H A D18-May-202040.1 KiB1,1191,020

config.h.inH A D18-May-20205.4 KiB220157

configureH A D18-May-2020458.4 KiB15,93413,251

configure.acH A D18-May-20205.2 KiB189162

README.md

1Duo Unix
2===
3[![Build Status](https://travis-ci.org/duosecurity/duo_unix.svg?branch=master)](https://travis-ci.org/duosecurity/duo_unix)
4[![Issues](https://img.shields.io/github/issues/duosecurity/duo_unix)](https://github.com/duosecurity/duo_unix/issues)
5[![Forks](https://img.shields.io/github/forks/duosecurity/duo_unix)](https://github.com/duosecurity/duo_unix/network/members)
6[![Stars](https://img.shields.io/github/stars/duosecurity/duo_unix)](https://github.com/duosecurity/duo_unix/stargazers)
7[![License](https://img.shields.io/badge/License-View%20License-orange)](https://github.com/duosecurity/duo_unix/blob/master/LICENSE)
8
9Duo two-factor authentication for Unix systems.
10
11Duo Unix includes a PAM module or alternatively a stand alone executable that can be used to protect programs such as SSH or Sudo.
12
13This repository is meant to be used for development or cutting edge versions of Duo Unix.
14For production deployments Duo recommends using our stable release tarballs or packages. Instructions can be found on our documentation page [Duo Unix Docs](https://duo.com/docs/duounix)
15
16
17## Getting Started
18
19These instructions are geared towards getting you up and running on your local machine for development and testing purposes.
20See the deployment section for notes on how to deploy Duo Unix in production.
21
22### Prerequisites
23
24You will likely want to have some kind of virtual machine when developing Duo Unix. If Duo Unix is configured incorrectly it has the potential to lock you out of a system. It's better to have that happen on a virtual machine instead of your computer.
25
26We recommend something like [Vagrant](https://www.vagrantup.com/) or [Docker](https://www.docker.com/)
27
28### Installing
29
30Install the necessary third party libraries.
31
32- Debian based Systems
33```
34$ sudo apt-get install autoconf libtool libpam-dev libssl-dev
35```
36
37- RHEL based systems
38```
39$ sudo yum install autoconf libtool pam-devel openssl-devel
40```
41
42- RHEL 7 and CentOS 7 systems with SELinux enabled
43```
44$ sudo yum install selinux-policy-devel
45```
46
47Clone the Duo Unix project down and enter the directory
48```
49$ git clone <paste the url here>
50$ cd duo_unix/
51```
52
53Run bootstrap to generate the configure script.
54```
55$ ./bootstrap
56```
57
58Run configure to generate your makefiles.
59```
60$ ./configure --with-pam --prefix=/usr
61```
62
63Build the project locally
64```
65$ make
66```
67
68Install the project. The install location will be the same as the prefix you specified in the configure step.
69```
70$ sudo make install
71```
72
73After installation add your integration keys to the config files
74- Visit the Duo Admin Panel and create a "Unix" integration if you don't have one already
75- Copy your ikey, skey, and api_host into the proper fields of the config files
76```
77$ vim /etc/duo/login_duo.conf
78$ vim /etc/duo/pam_duo.conf
79```
80
81Finally, test an auth!
82```
83$ sudo login_duo -f myusername 'echo "Hello World"'
84```
85You should only see "Hello World" if the authentication succeeds.
86
87## Running the tests
88
89The additional prereq for running the tests is python
90```
91#  RHEL Based
92$ sudo yum install python
93#  Debian Based
94$ sudo apt-get install python
95```
96
97To run all the automated tests simply run
98```
99$ make check
100```
101
102To run an individual test
103```
104$ cd tests/
105$ python cram.py login_duo-1.t
106```
107
108### Cram Tests
109
110For Duo Unix we use [Cram](https://bitheap.org/cram/) to do our testing. Each test file typically starts by creating a mock duo service. After we create that service we list commands followed by the expected output of that command.
111If the output matches, then the cram test passes. If not, it fails.
112
113Example passing test
114```
115$ echo "Hello World"
116Hello World
117```
118Example failing test
119```
120$ echo "Hello World"
121Goodbye World
122```
123
124### Other testing tips
125
126Each test creates the mockduo server for you, but if you need to run it manually to test things you can.
127Below is an example of running a mockduo server in one session and authenticating against it in another.
128```
129$ cd tests/
130$ python mockduo.py certs/mockduo.pem
131Now in a separate terminal window
132$ ../login_duo/login_duo -d -c confs/mockduo.conf -f my_username echo "Success"
133```
134This mock server can be a bit brittle so you may have to restart it if you start seeing very weird behavior.
135
136## Deployment
137
138For production deployments Duo recommends using our stable release tarballs or packages. Instructions can be found on our documentation page [Duo Unix Docs](https://duo.com/docs/duounix)
139
140## Contributing
141
142Please read [CODEOFCONDUCT.md](CODEOFCONDUCT.md) and [CONTRIBUTING.md](CONTRIBUTING.md) for details on our code of conduct and the process for submitting pull requests to us.
143
144## Versioning
145
146We use [SemVer](http://semver.org/) for versioning.
147
148## License
149
150This project is licensed under the GPLv2 License - see the [LICENSE](LICENSE) file for details
151
152## Support
153
154Report any bugs, feature requests, etc. to support@duo.com
155