Skip to Main Content
Information Technology Services
oneColumn

Osprey Server osprey.unf.edu

The server osprey.unf.edu was upgraded in December 2021. With it, as a security best practice, and in line with other UNF systems
directly accessible from the internet, the new Osprey server has been updated to support Duo two-factor authentication capabilities.

Osprey Server Features


Two-Factor Authentication

The requirement for Duo 2FA will add an additional prompt to the ssh login process and will require an additional settings change with some graphical SSH clients, such as the free Bitvise SSH client. Also, because this is a new server with new host keys, returning Osprey users should be aware that they will be prompted with a security warning notice that the host key is unknown and will be required to trust the new host.

Environment Upgrades

The updated programming environments available on the new Osprey server include:

Software Osprey (RHEL6) Osprey (RHEL8)
GCC (c/c++) 4.4.7 8.4.1
Golang (go) None go1.15.14
OpenJDK (java) 1.8 1.8
PERL 5.10.1 5.26.3
PHP 5.3.3 7.4.6
Python 2.6.6 3.9.2
Ruby 1.8.7 2.7.4

Authentication Settings


Duo 2FA setup on Osprey2.unf.edu will require changes to default connection settings, when using some graphical SSH/SFTP clients, such as the free Bitvise client available in the UNF Software Center.

  • Individuals need to change the clients default authentication method to "keyboard-interactive"
  • Individuals should also use only their n# as their Username, not a domain-qualified version such as 'unfcsd\n#'. 

Screenshot for a working Bitvise client profileScreenshot for a working Bitvise client profile

After successful password authentication, individuals already enrolled in Duo should get a second authentication prompt (2FA), with 

Osprey2 Duo menu optionsBitvise Duo menu options

If an individual is not yet to enrolled in Duo, they will be presented with a Duo enrollment URL to copy/paste into their browser or they can follow these instructions to complete Duo enrollment.

If an individual is already successfully enrolled in Duo but is still being presented with a Duo enrollment option, it's most likely they have entered the format of their username incorrectly. 

It should be only their n#, not 'unfcsd\n#' or 'n#@unfcsd.unf.edu' 

Improper username format causing additional Duo enrollment

Osprey Not Duo enrolled

SSH Host Key Changes


Working Bitvise client profile

If you are a returning Windows user using the Bitvise graphical ssh client, accept and save the host key change BitVise Accept Host Key Change

Working Putty client profile

If you are a returning Windows user using the Putty graphical ssh client, accept and save the host key change.

Putty Security Alert that host key does not match registry

Bitvise first-time or new device connection

Individuals using Bitvise and connecting for the first time should accept and save the New host key. The notification will also appear when connecting on a new device.  

Bitvise New Host Key

 

Putty first-time or new device connection

Individuals using Putty and connecting for the first time should accept and save the New host key. The notification will also appear when connecting on a new device.  

Putty security alert accept new host key