I am new to setting up Duo 2FA for Unix, yet new to Linux environment also. I have followed both log_duo and pam_duo instructions. What I am trying to figure out is how to implement Unix 2FA with an existing Duo User. I realized that when I “tested” pam_duo/login_duo, it generates creates a “root” user in the Duo Admin Panel. That is what I did not want. I would like Unix Duo to be carried thru an existing Duo User. Is there a way to divert this to an existing Duo User, such that it does not utilize a license?
Also is there a way to prevent from going to root@“username” after authenticating in Linux?
Yes, devices are attached to users only, not users AND endpoints, so a Duo user can authenticate to any application for which they are permitted using the same device, as long as the device type is permitted for those applications.
User A has an account on Computer A & B. Can User A authenticate his account on Computer A & B using one device ?
Yes, if User A exists in Duo with Phone A, and User A is permitted to log into the Duo applications installed on Computer A and B, User A can log into Computer B and authenticate with Phone A.