- Create the correct directory manually:
mkdir -p /usr/share/cb/plugins/duo
- Copy the /usr/share/cb/plugins/duo/duo_2fa_auth_callback.py file from a CB Response server to the above directory.
- Manually create the /usr/share/cb/plugins/duo/secrets.ini file and add the following content:
# Secret keys for your Duo security integration. Get your ikey, skey, and host from your Duo
# Security administrative console.
[duo]
ikey=
skey=
host=
[config]
# number of seconds a "session" should last until 2fa is required again. Default to 60
session_lifetime=500
# how to map Cb users to Duo users? Choices are "username" or "email". Default to "email"
duo_mapping=email
# create a new 2fa session for each source IP address? True or false. Default to "false"
use_ipaddr_session_key=false
# Uncomment the next section if you need a web proxy to reach the outside world
#[proxy]
#hostname=
#port=
#
## if the proxy requires authentication, put the username & password here
#username=
#password=
- Proceed with configuration steps described in the Integration Guide.