3
0
Fork 0
forked from mirrors/nixpkgs
nixpkgs/nixos/modules/security
Austin Seipp 29d46452dd nixos: add Duo Security module
This module adds the security.duosec attributes, which you can use to
enable simple two-factor authentication for NixOS logins.

The module currently provides PAM and SSH support, although the PAM unix
system configuration isn't automatically dealt with (although the
configuration is automatically built).

Enabling it is as easy as saying:

  security.duosec.ssh.enable = true;
  security.duosec.ikey       = "XXXXXXXX...";
  security.duosec.skey       = "XXXXXXXX...";
  security.duosec.host       = "api-XXXXXXX.duosecurity.com";
  security.duosec.group      = "duosec";

which will enforce two-factor authentication for SSH logins for users in
the 'duosec' group.

This requires uid/gid support in the environment.etc module.

Signed-off-by: Austin Seipp <aseipp@pobox.com>
2014-03-16 07:11:50 -05:00
..
apparmor-suid.nix Move all of NixOS to nixos/ in preparation of the repository merge 2013-10-10 13:28:20 +02:00
apparmor.nix Remove uses of the "merge" option attribute 2013-10-28 22:45:56 +01:00
ca.nix Remove /etc/ca-bundle.crt 2014-02-11 17:13:36 +01:00
duosec.nix nixos: add Duo Security module 2014-03-16 07:11:50 -05:00
pam.nix Add lots of missing option types 2013-10-30 18:47:43 +01:00
pam_usb.nix Add lots of missing option types 2013-10-30 18:47:43 +01:00
polkit.nix polkit: Add some examples 2013-11-18 18:04:17 +01:00
prey.nix add prey: Proven tracking software that helps you find, lock and recover your devices when stolen or missing 2013-10-14 11:57:48 +02:00
rngd.nix Add lots of missing option types 2013-10-30 18:47:43 +01:00
rtkit.nix Add lots of missing option types 2013-10-30 18:47:43 +01:00
setuid-wrapper.c Move all of NixOS to nixos/ in preparation of the repository merge 2013-10-10 13:28:20 +02:00
setuid-wrappers.nix Add lots of missing option types 2013-10-30 18:47:43 +01:00
sudo.nix Add lots of missing option types 2013-10-30 18:47:43 +01:00