Advanced configuration properties for Duo 2FA
The properties listed here are only applicable if Duo two-factor authentication is being used. Support for Duo two-factor authentication is installed using the kcm-guacamole-auth-duo
package or enabled with the Docker installation. If using the keeper/guacamole Docker image, support for Duo two-factor authentication is configured using environment variables.
The API hostname, integration key, and secret key are provided for you by Duo when you registered Guacamole within Duo's "Admin" panel. Each of these values is required and is generated by Duo.
An arbitrary and random key must be provided for communicating with the Duo service. This key MUST be manually generated and MUST BE AT LEAST 40 CHARACTERS.
Any random value containing at least 40 characters will suffice. To quickly grab 40 random characters from /dev/random
:
Property name | Description |
---|---|
Property name | Description |
---|---|
duo-api-hostname
The hostname of the Duo API endpoint to be used to verify user identities, generated by Duo when you registered Guacamole within Duo's "Admin" panel. This value can be found within the application details in the "API hostname" field.
duo-integration-key
The integration key provided for Guacamole by Duo when you registered Guacamole within Duo's "Admin" panel. This value can be found within the application details in the "Integration key" field.
duo-secret-key
The secret key provided for Guacamole by Duo when you registered Guacamole within Duo's "Admin" panel. This value can be found within the application details in the "Secret key" field.
duo-application-key
The arbitrary, random key to use when communicating with the Duo service.