Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
I have many service accounts, all with UID numbers less than 1000 which use ssh, rsync over ssh and sftp. I do not want them to have to use Duo, since they are all accessed with scripts and have very limited access anyway. Root (UID=0) is turned of...
What I ended up doing was creating a group named “duo” into which I added all regular shell-based users, enforced through puppet. Then I added this into /etc/duo/pam_duo.conf
groups=duo
That took care of it for me.
