OpenSSH adds support for FIDO/U2F security keys


OpenSSH, the internet’s most popular utility for managing remote servers, has added today support for the FIDO/U2F protocol.

This means that starting with OpenSSH 8.2, released today, users can configure a hardware security key when authenticating via SSH on a remote server.

After users log into a server by using their username& password, or a SSH authentication certificate, they’ll be required to present a FIDO/U2F-based USB, Bluetooth, or NFC-based security key as a second proof-of-identity.

Using a security key is currently considered one of the strongest multi-factor authentication (MFA) methods known today.

Using MFA, commonly referred to as 2FA (two-factor authentication), is the simplest way to prevent hackers from guessing or brute-forcing your SSH passwords and gaining control over your servers.

Leave a Reply

Your email address will not be published. Required fields are marked *