Secure Secrets on Servers
Protect secrets on authentication or validation servers, including cryptographic keys and passwords.
Protect Your Server Secrets with YubiHSM
When using any Two-Factor Authentication setup with a hardware token, protecting the user’s hardware key is only half the solution. The secret which allows the authentication server to correctly identify a user’s key must also be secure. Traditional solutions include server-sized Hardware Security Modules which may cost many times more than many are able to afford.
To meet this demand and to help protect the YubiKey, Yubico has created the YubiHSM, a hardware security module about the size of a USB thumb stick at a fraction of the cost of other Hardware security Modules. The YubiHSM plugs into any USB port on your authentication server and provide a host of strong cryptographic services and security to any secret stored on the server, including YubiKey Secrets, passwords or other important information. The YubiHSM device draws all of its required power from the USB port it’s plugged into, representing a huge savings in power costs when compared to standard HSM servers.
The YubiHSM is designed to integrate with a YubiRADIUS installation seamlessly. All YubiKey secrets stored by YubiRADIUS are automatically encrypted by the YubiHSM.
The YubiHSM provides solutions to many issues experienced by traditional Hardware Security Modules. Able to fit inside a Server and communicate via a USB serial port, the YubiHSM fits easily into most secure server locations.
U.S. defense contractors use YubiKey and YubiHSM for simple and secure access to networks and cloud applications, validating Yubico’s high security processes where token secrets cannot be remotely hacked.