Home Linux OpenSSH 8.2 is here! With support for FIDO / U2F protocols


OpenSSH 8.2 is here! With support for FIDO / U2F protocols

by ace
OpenSSH 8.2 is here! With support for FIDO / U2F protocols

How many times do we need to access a machine, without security, to perform the most diverse operations? With the SSH protocol everything is very simple and practical.

Recently OpenSSH 8.2 was launched, which brings innovations in terms of authentication protocols.

OpenSSH is a set of tools that allows us to manage machines remotely, using the SSH protocol. Unlike other tools like Telnet, rcp, rlogin and ftp, OpenSSH ensures that communications between machines are secure, as it uses encryption to encrypt all traffic (including passwords).

OpenSSH is a free version of the SSH implementation. For those who do not know, the SSH – Secure Socket Shell is a protocol that allows you to securely access and manage Linux machines remotely and beyond.

OpenSSH is a set of tools that includes:

  • ssh – a replacement for rlogin, rsh and telnet.
  • scp– a replacement for rcp
  • sftp– a replacement for ftp
  • sshd– SSH server version daemon
  • ssh-keygen– a tool to verify and generate RSA, DSA and Elliptic Curve keys
  • ssh-agent and ssh-add – utilities so that the user does not always need to enter the password – see here

OpenSSH 8.2 New

This new version brings support for authentication via FIDO / U2F protocols. This means that administrators can configure a hardware security key when authenticating via SSH on a remote server.

After users log in to a server using their username and password or an SSH authentication certificate, they must present a security key based on FIDO / U2F USB, Bluetooth or NFC as a second proof of identity. You can see all the news here.

We can also use DenyHosts, a script developed for Linux systems that allows us to “help” in the control of unauthorized attacks via SSH.


Related Articles

Leave a Comment

16 − eight =

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More