Hello,
I am trying to use my YubiKey to connect to a Check Point appliance via SSH. My goal is to use FIDO2 [1], which is the recommended protocol for strong authentication. Unfortunately, this does not work.
When I connect to modern Linux distributions (Ubuntu, Oracle Linux, Debian, etc.), YubiKey with FIDO2 works correctly. However, I cannot establish an SSH connection to the Check Point appliance.
After some research, it seems that the issue is related to the SSH version currently used by Check Point. In our environment, we are running version R81.20, which ships with OpenSSH 7.8. This version is outdated, having been released back in 2018 [3]. FIDO2 support was only introduced in OpenSSH 8.2, released in 2020 [2].
Could you please confirm if there are any plans to upgrade the OpenSSH version used in Check Point appliances, or at least to add FIDO2 support? FIDO2 is a modern, secure authentication protocol, and as a leading security vendor, Check Point should strongly consider supporting it as soon as possible.
Thank you for your support.
[1] https://developers.yubico.com/SSH/Securing_SSH_with_FIDO2.html
[2] https://www.openssh.com/txt/release-8.2
[3] https://www.openssh.com/txt/release-7.8
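
The version gap described in the post can be checked from the server's SSH identification string. The following is an added example, not part of the original post and not Check Point or OpenSSH code; the function names and sample banners are constructed for illustration, and the 8.2 threshold is the one the post cites [2].

```shell
# Added example: decide from an SSH identification string whether the
# server's OpenSSH release is new enough for FIDO2 ("sk-") keys (>= 8.2).
# The banner is the first line a server sends; `ssh -v host` shows it in
# the "remote software version" debug line.

# Print "MAJOR MINOR" for an OpenSSH banner; return 1 for anything else.
openssh_version() {
    _b=$(printf '%s' "$1" | tr -d '\r\n')   # banners end in CRLF on the wire
    case $_b in
        SSH-*-OpenSSH_[0-9]*.[0-9]*) ;;
        *) return 1 ;;
    esac
    _v=${_b#*OpenSSH_}        # e.g. "7.8" or "8.9p1 Ubuntu-3ubuntu0.10"
    _major=${_v%%.*}
    _rest=${_v#*.}
    _minor=${_rest%%[!0-9]*}  # drop "p1", distro suffixes, comments
    case $_major in ''|*[!0-9]*) return 1 ;; esac
    [ -n "$_minor" ] || return 1
    printf '%s %s\n' "$_major" "$_minor"
}

# Return 0 if the banner is OpenSSH >= 8.2, 1 if older, 2 if not parseable.
supports_fido2() {
    _ver=$(openssh_version "$1") || return 2
    _maj=${_ver% *}
    _min=${_ver#* }
    if [ "$_maj" -gt 8 ]; then return 0; fi
    if [ "$_maj" -eq 8 ] && [ "$_min" -ge 2 ]; then return 0; fi
    return 1
}

# Print a one-line verdict for a banner.
fido2_verdict() {
    if supports_fido2 "$1"; then
        echo "sk- key types expected (OpenSSH >= 8.2)"
    else
        case $? in
            1) echo "too old for sk- key types (OpenSSH < 8.2)" ;;
            *) echo "not an OpenSSH banner, cannot tell" ;;
        esac
    fi
}
```

A banner is only an indicator, since vendors can change it or backport features. On a build with FIDO2 support, `ssh -Q key` lists `sk-ssh-ed25519@openssh.com`.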