Amazon2023 Image Support

Maharshi · ‎08-21-2023

Hi Team,

Does Duo_Unix support the Amazon 2023 Machine Image? We've observed compatibility issues between OpenSSL 1.x and OpenSSL 3.x, with no backward compatibility between them. Which version of Duo_Unix should be used for the Amazon 2023 image on an EC2 instance?

DuoKristina · ‎08-24-2023

The latest version of Duo Unix should be fine with OpenSSL 3. I don't think we've specifically tested that release on Amazon Linux 2023 though.

Duo, not DUO.

Maharshi · ‎08-25-2023

I'm encountering an error with login_duo. Here's the error message:

login_duo: error while loading shared libraries: libssl.so.10: cannot open shared object file: No such file or directory
However, I've noticed that /lib64 has different versions of libssl and libcrypto.
lrwxrwxrwx. 1 root root 15 Jun 8 01:51 libssl.so -> libssl.so.3.0.8
lrwxrwxrwx. 1 root root 15 Jun 8 01:51 libssl.so.3 -> libssl.so.3.0.8
-rwxr-xr-x. 1 root root 689368 Jun 8 01:51 libssl.so.3.0.8
-rwxr-xr-x. 1 root root 435064 Mar 3 16:37 libssl3.so

DuoKristina · ‎08-29-2023

Did you build this from source? Which OpenSSL is sshd using? Run ldd $(which sshd) and see if libcrypto is 1 or 3.

Duo, not DUO.

DuoKristina · ‎08-31-2023

I think you might also have posted this as an issue in our duosecurity/duo_unix GitHub repository as well?

If so, please build login_duo from source instead of trying to use the Fedora package.

If you aren't the same person, the advice to build from source on Amazon Linux still applies. 🙂

Duo, not DUO.