This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Ribas
Explorer
Friday

Support for FIDO/U2F in SSH

Hello,

I am trying to use my YubiKey to connect to a Check Point appliance via SSH. My goal is to use FIDO2 [1], which is the recommended protocol for strong authentication. Unfortunately, this does not work.

When I connect to modern Linux distributions (Ubuntu, Oracle Linux, Debian, etc.), YubiKey with FIDO2 works correctly. However, I cannot establish an SSH connection to the Check Point appliance.

After some research, it seems that the issue is related to the SSH version currently used by Check Point. In our environment, we are running version R81.20, which ships with OpenSSH 7.8. This version is outdated, having been released back in 2018 [3]. FIDO2 support was only introduced in OpenSSH 8.2, released in 2020 [2].

Could you please confirm if there are any plans to upgrade the OpenSSH version used in Check Point appliances, or at least to add FIDO2 support? FIDO2 is a modern, secure authentication protocol, and as a leading security vendor, Check Point should strongly consider supporting it as soon as possible.

Thank you for your support.

[1] https://developers.yubico.com/SSH/Securing_SSH_with_FIDO2.html
[2] https://www.openssh.com/txt/release-8.2
[3] https://www.openssh.com/txt/release-7.8

0 Kudos
0 Replies

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events