Options for implementing two-factor authentication for privileged access to servers, applications, and network infrastructure

On this page:


Overview

Recent changes to Indiana University's Security of Information Technology Resources (IT-12) policy require use of two-factor authentication for privileged access (i.e., root or system administrator access) to servers, applications, and network infrastructure where practicable.

This page lists some of the options available for implementing Duo two-factor authentication at IU.

Operating system and application integrations

Duo provides a number of native integrations with applications and operating systems. For a complete list, see the Duo Support Applications page. If an integration is available for your product, you may request an integration key using the instructions in Integrate Duo with an application.

Duo Unix PAM module

You can add Duo two-factor authentication to a Linux-based bastion server by deploying the pam_duo PAM module. For installation instructions, see Duo Unix - Two-Factor Authentication for SSH with PAM Support (pam_duo).

To complete the configuration, the system administrator will need to request a Duo integration key using the instructions in Integrate Duo with an application.

Groups VPN

IU's Groups VPN uses Two-Step Login (Duo) authentication to restrict access to administrative environments. For more, see Use the IU Groups VPN to restrict remote access to your team's administrative resources.

This is document apfa in the Knowledge Base.
Last modified on 2018-11-06 11:40:33.

Contact us

For help or to comment, email the UITS Support Center.