Page tree

Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.


Finally, note that two-factor authentication only applies to logging into a login node of the HPC systems. Once on the system connections between nodes all use the cluster ssh keys as before.

Advanced setup

What follows is optional if you wish to reduce the interactivity just a bit. There are times when you do not want to have to interact with the console and you can specify a push to happen automatically to your primary device. To accomplish this you will need to use a generated key (preferably with a passphrase and ssh agent) and set the DUO_PASSCODE environment variable.


No Format
env DUO_PASSCODE=push ssh -o SendEnv=DUO_PASSCODE
Reading $DUO_PASSCODE...
Pushed a login request to your device...
Success. Logging you in...


In your script startup file, such as ~/.bash_profile, put the following

export DUO_PASSCODE=push



Windows systems are a little more difficult to set up automatic push from Duo. The description below uses Putty.

Image Added

Go to the Data section of Connection and add the DUO_PASSCODE variable.

Image Added

Click Add and your screen should look like the following.

Image Added

Go back to the Session category, select Default Settings, or whichever session is associated with the HPC system, and press Save.

Image Added

That will then have Duo send a push notification to your device whenever an ssh session is initiated. Note that you will need a smartphone or tablet for this to work.