- An account with Duo Security
- A linux host with sshd
- I followed their instructions for geting Duo Unix working.
- This worked fine, except for when I wanted to log in from my local LAN, which required me to use the Duo Push, and that got annoying. This was especially annoying when I was transfering files between my hosts.
- I added this to my /etc/ssh/sshd_config file and restarted sshd.
Match Address *,!10.0.0.0/24 X11Forwarding yes ForceCommand /usr/local/sbin/login_duo
This tells sshd to force anything not coming from my home netowrk to run the /usr/local/sbin/login_duo command.
That's it. After that, it just worked.