Secure Shell, Standards, And The YubiKey

September 9, 2015 2 minute read

In new entries added recently to the white paper section of our website, we’re detailing Secure Shell options using a YubiKey, and emerging standards that combine to solve online identity challenges.

These white papers are a nice place to uncover some lesser-known YubiKey gems, learn a little more about our crypto strategy, or dive deeper into topics that offer leading-edge security choices.

Those who use their YubiKey NEO or NEO-n in conjunction with Secure Shell (SSH) love the feature, but it lives in the shadow of other, more popular, YubiKey NEO services.

For the uninitiated, you can use a YubiKey NEO with SSH to establish secure connections with remote servers.

Author Alessio di Mauro, a Yubico software engineer, explains what SSH is and why you want to use it with a YubiKey. There are many advantages to using a YubiKey with SSH. The private key is stored within the YubiKey’s secure element, and your master key stays safe as you use only an authentication subkey. In addition, if your YubiKey falls into rogue hands, the attacker only has three very slim chances to authenticate as you before the key locks down.

Once you configure your computer to use SSH keys from a YubiKey, you are set to use them with your personal server or with one of the many services that allow public key authentication such as GitHub or Bitbucket.

Alessio’s white paper takes you through all the benefits.

Also new to our white paper section is a peek at some interesting standards-based identity and authentication options fostered by the intersection of FIDO Universal 2nd Factor (U2F) and OpenID Connect. Each has its own important qualities, but also soft spots. Used together, they present new security possibilities that are explored by guest author Justin Richer, a standards advocate and consultant at Bespoke Engineering.

Also in the white paper section is Alessio’s original three-part crypto key length discussion now available as one document available for download (and sharing).

Our white paper section is a growing resource, so we hope you’ll visit now to learn more, and return in the future to find in-depth looks at a flourishing ecosystem that includes the YubiKey, FIDO U2F, security and the future of strong authentication.

Share this article:

Recommended content

Combating ransomware attacks on your enterprise

What do a PC manufacturer, a meat supplier and a mental health clinic have in common? They have all been victims of ransomware attacks. They’re not alone. Ransomware attacks grew by over 485% in 2020, leveraging the new ransomware-as-a-service (RaaS) model of profit-sharing in exchange for ransomware tools.  One of the most infamous recent ransomware ...

Join Yubico at Black Hat USA 2021 for an in-person and virtual look into the future of authentication

This year, Black Hat is celebrating its 24th year! We’re excited to be back both virtually and in person. Will you be in Vegas or catching all the action online? Either way, we’d love to see you!  You can visit us at Black Hat USA 2021 in Las Vegas at booth #1471 to see live ...

People matter: How to solve security skills shortage challenges

The skills shortage in the security industry stretches as far back as we can remember having an industry. Everyone knows it’s a challenge with no easy short-term solutions. The root of the security skills shortage gap remains murky, and some observers say the pandemic and reallocations of security resources could be widening that gap. The ...

Outil d’authentification unique pour le Collège de Paris

A propos de Collège de Paris Depuis sa fondation, le Collège de Paris s’est donné pour mission de promouvoir l’excellence française grâce à la formation, en regroupant des établissements d’enseignement supérieur reconnus. Ces établissements partagent trois valeurs: l’ouverture internationale, l’excellence pédagogique et l’accompagnement individualisé des étudiants. Le siège social du groupe Collège de Paris, incluant ...