external/MeshCentral
1
0
Fork 0
mirror of https://github.com/Ylianst/MeshCentral.git synced 2025-02-12 11:01:52 +00:00
Code Issues Releases Wiki Activity

Update security.md

Browse source 
Added Duo installation steps.
This commit is contained in:
Ylian Saint-Hilaire 2025-01-01 17:18:38 -08:00 committed by GitHub
parent 54bb0177ee
commit 7aa4061cad
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 26 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

26
docs/docs/meshcentral/security.md
View file

@ -27,3 +27,29 @@ Adjust these items in your `config.json`
}
}
```
## Duo 2FA setup
MeshCentral supports Duo as a way for users to add two-factor authentication and Duo offers free accounts for user 10 users. To get started, go to [Duo.com](https://duo.com/) and create a free account. Once logged into Duo, select "Applications" and "Protect an Application" on the left side. Search for "Web SDK" and hit the "Protect" button. You will see a screen with the following information:
- Client ID
- Client secret
- API hostname
Copy these three values in a safe place and do not share these values with anyone. Then, in your MeshCentral config.json file, add the following in the domains section:
```
{
"domains": {
"": {
"duo2factor": {
"integrationkey": "ClientId",
"secretkey": "ClientSecret",
"apihostname": "api-xxxxxxxxxxx.duosecurity.com"
}
}
}
}
```
Restart MeshCentral and your server should now be Duo capable. Users will see an option to enable it in the "My Account" tab. When enabling it, users will be walked thru the process of downloading the mobile application and going thru a trial run on 2FA. Users that get setup will be added to your Duo account under the "Users" / "Users" screen in Duo. Note that the "admin" user is not valid in Duo, so, if you have a user with the name "Admin" in MeshCentral, they will get an error trying to setup Duo.