SSH authentication with security keys

You can now authenticate to SSH using a FIDO2 security key by adding a sk-ecdsa-sha2-nistp256@openssh.com or sk-ssh-ed25519@openssh.com SSH key to your account. SSH security keys store secret key material on a separate hardware device that requires verification, such as a tap, to operate.

This combination of storing the key on separate hardware and requiring physical interaction for your SSH key offers additional security. Since the key is stored on hardware and is non-extractable, it can't be read or stolen by software running on the computer. Additionally, the tap prevents unauthorized use of the key since the security key will not operate until you physically interact with it.

Learn more about this feature from the accompanying blog post.

Learn more about adding an SSH key to your account.

GitHub Enterprise Server 3.1 is available now as a release candidate.

The latest version of GitHub Enterprise Server brings a host of features to help teams focus on the work that matters most. That includes:

  • GitHub Actions workflow visualizations – track and troubleshoot complex workflows at a glance
  • Automerge pull requests – automatically merge a pull request the moment it’s ready
  • Repository performance optimization – for large, busy repositories

Customers using GitHub Advanced Security will now benefit from the general availability of secret scanning, and support for more libraries and frameworks with code scanning than ever before.

For more information, see the full GitHub Enterprise Server 3.1 RC blog post.

See more