OpenSSH eases admin hassles with FIDO U2F token support

2020-02-19 11:00

OpenSSH version 8.2 is out and the big news is that the world's most popular remote management software now supports authentication using any FIDO U2F hardware token.

Adding support inside OpenSSH simply means that any U2F token can now be used, including older FIDO1 and more recent FIDO2 hardware.

In OpenSSH FIDO devices are supported by new public key types 'ecdsa-sk' and 'ed25519-sk', along with corresponding certificate types.

Why is FIDO U2F such a big deal when hardware tokens have been around for decades?

The simple answer is that FIDO U2F is an open rather than proprietary specification, which means that third parties can sell USB tokens that comply with it.

News URL

https://nakedsecurity.sophos.com/2020/02/19/openssh-eases-admin-hassles-with-fido-u2f-token-support/

#fido #token