Finally, note that two-factor authentication only applies to logging into a login node of the HPC systems. Once on the system connections between nodes all use the cluster ssh keys as before.
What follows is optional if you wish to reduce the interactivity just a bit. There are times when you do not want to have to interact with the console and you can specify a push to happen automatically to your primary device. To accomplish this you will need to use a generated key (preferably with a passphrase and ssh agent) and set the DUO_PASSCODE environment variable.
env DUO_PASSCODE=push ssh -o SendEnv=DUO_PASSCODE neon.hpc.uiowa.edu Reading $DUO_PASSCODE... Pushed a login request to your device... Success. Logging you in...
In your script startup file, such as ~/.bash_profile, put the following
Windows systems are a little more difficult to set up automatic push from Duo. The description below uses Putty.
Go to the Data section of Connection and add the
Add and your screen should look like the following.
Go back to the
Session category, select
Default Settings, or whichever session is associated with the HPC system, and press
That will then have Duo send a push notification to your device whenever an ssh session is initiated. Note that you will need a smartphone or tablet for this to work.