amuck-landowner

GHS now offering Yubikey's to Dedicated Server clients

Jade

NodeServ
Verified Provider
Hello,

This isn't too big of news, but I just thought I'd let you all know.

GridHostingSolutions is now offering Yubikey's to all dedicated server clients per request to add more security to the clients account.

Each Yubikey will cost $30.00 to each client that purchases one.

Yubikey By Yubico

What is a Yubikey you might ask?

A YubiKey is a One-Time Password (OTP) generator device. It generates a unique sequence of characters as an OTP every time its button is pressed. As the term suggests, a One-Time Password is valid only for a single use and cannot be used again for authentication.

YubiKeys are typically used in implementing strong two-factor authentication solutions which provide much stronger security when compared to using only a username and password. The YubiKey supports multiple types of configurations and may be used to generate One-Time Passwords as well as static passwords

Want to know more information about what a Yubikey is?

Check out http://gridhostingsolutions.com/security/features/yubikey

Thanks for reading!
 
Last edited by a moderator:

MannDude

Just a dude
vpsBoard Founder
Moderator
That's pretty cool actually. YubiKeys are great, I need to get another one for some other things, but the one I have to use for work is awesome. I can't login or do anything without it.
 

drmike

100% Tier-1 Gogent
Umm, Yubikey, why are they useful to folks?   Still not clear what they do (other than random password generator).  Please share use cases and useful solutions based on them.   


Do the USB devices also do key / password storage?
 

Jade

NodeServ
Verified Provider
Umm, Yubikey, why are they useful to folks?   Still not clear what they do (other than random password generator).  Please share use cases and useful solutions based on them.   

Do the USB devices also do key / password storage?
Great questions!

Yubikey's with keychains.

yubikey_2.jpg


Yubikey's are very useful for people that want to add more security to their client area, or on their Dedicated Servers. Yubikey's resemble what a Flash Drive would look like, with a weight of about 2 grams. They don't have a battery in them, and work based on the machines power that you plug it into. When you want to access your server(If you have a Yubikey) you can then login to your server via our Control Panel and plug in your yubikey to your USB slot, and click on the OTP text field and press the button on the front of the Yubikey, and it generates a One Time Password, which therefore provides extra security from hackers etc. All in all, Yubikey's are just security on top of security for you and your server.

As for Yubikey's also doing key / password stroage, yes they do. You can store your password onto the Yubikey and use it also when you login to your server ontop of pushing the button of course to generate the OTP.
 
Last edited by a moderator:
  • Like
Reactions: scv

scv

Massive Nerd
Verified Provider
I'd like to see more providers offering YubiKey/misc. OTP support in their management/billing areas. Any public service or community's management staff should be utilizing one when it comes to their infrastructure. Even better would be if more major hosting providers started providing OTP services to their customers like this. It's certainly a big selling point!
 

Sunshine

New Member
Well, for one thing, YubiKey works great with FastMail :)

I wish more services supported it... Good job GHS, for adding support for this.

edit: oh, one other thing... you can use it for SSH authentication, but it takes a bit of tinkering to make it work... I havn't tried it yet... but for instance, see this, this, this and this.
 
 
Last edited by a moderator:

drmike

100% Tier-1 Gogent
Thanks @Sunshine.  Interesting to see things that work with the YubiKey.  Still don't "get it" but eventually ah-ha moment will arrive :)
 

Jade

NodeServ
Verified Provider
Well, for one thing, YubiKey works great with FastMail :)

I wish more services supported it... Good job GHS, for adding support for this.

edit: oh, one other thing... you can use it for SSH authentication, but it takes a bit of tinkering to make it work... I havn't tried it yet... but for instance, see this, this, this and this.
Thank you :) Yeah you can intergrate it in SSH auth but it does take some time and effort to do so haha
 

Sunshine

New Member
No problem :)

@buffalooed - I guess the main point is that you're still safe, even if you've got a keylogger installed on your local machine, because the passwords can not be re-used (hence the term "One Time Passwords").

This could be convenient if you're travelling without a laptop and need to check your email at an Internet cafe, etc.

Or if you're at a friends house.

Or, god forbid, you actually permitted your own machine to become compromised ;)

Or, I guess, as a way to improve security for your not-so-good-with-technology parents, by giving them a YubiKey. Hmm, come to think of it, I should do that.

In any case, securing your own email account is a pretty good first step. If you think about it, so much access these days is tied to your email account. Domains, servers, etc.

If people can access your email, they can perform password recovery and get access to pretty much everything else.

I only ever use my email "master password" while booted from a Linux boot-cd. For daily use, I use the YubiKey which gives me limited access to my FastMail account (enough to send email and move things to the trash folder, but I can't permanently delete anything, or change configuration settings for my email account - this is not strictly necessary, but I might as well).

There's also other ways of doing two-factor authentication, like SMS / phone app verification when logging into things. But the YubiKey is a really nice, convenient and easy to use solution. I love it.

(sorry to OP if I'm going slightly off topic here - and again, well done for adding support for this)
 
 
Last edited by a moderator:

HalfEatenPie

The Irrational One
Retired Staff
What the difference between a YubiKey vs... Google's two-step authentication? 

Not that I know @buffalooed likes Google but hehe.  
 

drmike

100% Tier-1 Gogent
@Sunshine, I wish I could give you more than a Thanks for penning that YubiKey use scenario description.

I like that the device seems to be universally supported without drivers.  Detects as USB keyboard.  

Now to figure out what supports there and if easy/worth today integrating in my environment.

@HalfEatenPie, can we split some of these posts into a separate YubiKey thread for further discussions about Yubikey.... Of course note here the other thread.
 
Top
amuck-landowner