← all posts

Accessing the UoY VPN and VDS without using the Duo 2FA app

tl;dr:

  1. Download duo-cli
  2. Make a virtual environment and activate it: python3.6 -m venv venv && . venv/bin/activate
  3. Install the requirements: pip install -r requirements.txt
  4. Go to https://duo.york.ac.uk
  5. Get to the "add a device" flow
  6. Choose "tablet", then "Android"
  7. Pretend you have the Duo app installed, then click "Email me an activation link instead"
  8. In the virtual environment, run ./duo_activate.py URL, where URL is the link you just got emailed
  9. Each time you need a code, run ./duo_gen.py
  10. If you want to use a different 2FA app, run ./duo_export.py and scan the QR code it prints

Important note: the codes are counter-based, not time-based, so you must not generate codes which you don't use, or your local counter will get out of sync with the server's counter and your codes will no longer work.