{"id":46867,"date":"2025-03-30T17:48:37","date_gmt":"2025-03-30T21:48:37","guid":{"rendered":"https:\/\/www.technewsday.com\/?p=46867"},"modified":"2025-03-30T17:48:37","modified_gmt":"2025-03-30T21:48:37","slug":"cloudflare-launches-open-source-tool-for-secure-keyless-ssh-authentication","status":"publish","type":"post","link":"https:\/\/technewsday.com\/staging\/cloudflare-launches-open-source-tool-for-secure-keyless-ssh-authentication\/","title":{"rendered":"Cloudflare Launches Open Source Tool for Secure, Keyless SSH Authentication"},"content":{"rendered":"<p>Cloudflare has released an open-source tool called OPKSSH (OpenPubkey SSH), which allows developers and IT teams to use identity-based single sign-on instead of traditional SSH keys for server access. The move aims to improve both security and usability for managing secure shell (SSH) connections.<\/p>\n<p>The tool integrates OpenID Connect (OIDC) \u2014 a widely used identity authentication protocol \u2014 into the SSH process. Instead of relying on long-lived private keys, OPKSSH generates short-term, ephemeral keys based on a user\u2019s login session with an identity provider. This reduces the risk of key theft and simplifies access management across teams.<\/p>\n<p>\u201cUsers can generate SSH credentials by signing in with their identity provider,\u201d said Cloudflare in the announcement. \u201cThis lets them connect to servers from any device with OPKSSH installed, without needing to carry private keys.\u201d<\/p>\n<p>Originally developed by BastionZero, now part of Cloudflare, OPKSSH has been released under the Apache 2.0 open source license. Administrators can authorize users by email, improving visibility and access tracking. The project has been contributed to the broader OpenPubkey ecosystem and is now available on GitHub.<\/p>\n<p>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Cloudflare has released an open-source tool called OPKSSH (OpenPubkey SSH), which allows developers and IT teams to use identity-based single sign-on instead of traditional SSH keys for server access. The move aims to improve both security and usability for managing secure shell (SSH) connections. The tool integrates OpenID Connect (OIDC) \u2014 a widely used identity [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":46868,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[66,16],"tags":[],"class_list":["post-46867","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-open-source","category-security"],"acf":[],"_links":{"self":[{"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/posts\/46867","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/comments?post=46867"}],"version-history":[{"count":1,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/posts\/46867\/revisions"}],"predecessor-version":[{"id":46869,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/posts\/46867\/revisions\/46869"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/media\/46868"}],"wp:attachment":[{"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/media?parent=46867"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/categories?post=46867"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/tags?post=46867"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}