Duo Two-Factor Authentication
To better protect university resources, ACER utilizes Duo to implement Two-Factor authentication (2FA) for providing access to UIC’s HPC clusters. 2FA increases security as it requires two different methods to verify a user’s identity before granting access to the resources:
- Your UIC NetID and associated password, followed by
- 2FA Duo Tokens that can be accessed by either phone, text, or Duo Mobile App.
To set up your Duo 2FA authentication and learn more about the process, please visit UI verify page here. Duo App is available for both Apple and Android stores and is relatively easy to set up and use for authentication.
- Login using Duo
- Using File transfer clients with Duo
Login using Duo
Login on Extreme using Duo is fairly easy. Each user needs to follow these steps for every new user session to verify their identity:
- Login using SSH on Extreme as shown –
- After entering the password correctly, you will be prompted by Duo with a similar screen depending on your configuration –
- Based on the option selected, Duo will guide you through the authentication process.
- Once you’re authenticated with Duo, our system will grant you access to the cluster.
Please contact email@example.com if you experience any difficulties in setting up your Duo.
Using File Transfer Clients and Duo 2FA
Some file transfer clients try multiple concurrent or new connections to transfer files. A user might then have to authenticate multiple times using Duo. To avoid having to authenticate for each new connection, following application-specific steps can be used:
Once you have your second factor set up at https://verify.uillinois.edu,
- Open cyberduck -> sftp and log in with your NetID and password.You will be prompted to use two-factor authentication.
- After logging in with your NetID and password, you will be asked for provide a secondary password. In the Secondary Password field, type the appropriate option depending on your Duo preferences.1 : Duo push – Use this if you have the DUO app installed on your smartphone.
2 : Phone call: Use this to receive a call on the phone number you registered Duo with
3 : SMS Passcodes: Use this to receive s SMS on the phone number you registered Duo with
To transfer multiple files, make sure to select “browser session” in settings/preferences to avoid authenticating your second factor for every file transfer.
In case you haven’t downloaded the Duo app on your smartphone, ‘phone call’ and ‘SMS passcode’ will be your 1 and 2 options respectively.
SecureCRT and SecureFX
- After creating a new session(For example for login-1.extreme.acer.uic.edu)you’ll be prompted to enter NetID and password.
- A new dialog box appears with the 3 Duo options as in the image above. Please note that you’ll get 2 options if you don’t have the app installed on your smartphone.