OpenSSH now supports FIDO U2F security keys for 2-factor authentication

2020-02-17 09:18

FIDO protocol based hardware security devices are stronger and fool-proof mechanisms for authentication because it enables public-key cryptography to protect against advanced malware, phishing, and man-in-the-middle attacks.

"In OpenSSH, FIDO devices are supported by new public key types' ecdsa-sk' and 'ed25519-sk', along with corresponding certificate types," the OpenSSH 8.2 release note says.

A physical security key adds an extra layer of authentication to an account on top of your password, and users can quickly log into their accounts securely just by inserting the USB security key and pressing a button.

If you are unaware, OpenSSH last year also introduced another security feature that encrypts private keys before storing them into the system memory, protecting it against almost all types of side-channel attacks.

You can find more information about the latest release and guide on how to generate hardware security keys with OpenSSH in the release notes.

News URL

http://feedproxy.google.com/~r/TheHackersNews/~3/PZoNEdHBet4/openssh-fido-security-keys.html

#fido #2factor #authentication #security