Cmd + Yubico

Multi-Factor Authentication

Unlock the power of multi-factor authentication in Production Linux

# Protecting Linux Production Environments with MFA

We live in a world dependent on user logins and credentials, but these digital bona fides are all too often hacked. When security relies on downloaded codes, software, or user memory, there are opportunities for hackers to intercept credentials via phishing or other tactics and enter an organization’s system. Once inside a Linux production environment, these hackers can go undetected and wreak havoc on the sensitive data and code within.

Yubico has a physical solution to this digital security problem: Yubikeys.

Since users must physically have their Yubikeys with them to unlock a device, the chances of a hacker digitally replicating, intercepting, or stealing a passcode are dramatically reduced. These Yubikeys are easy to use, and users don’t waste time mis-typing or resetting passwords; in fact, Yubico claims to be more than four times faster than other authentication processes, and to reduce costs for support by over 90 percent. They also integrate with over 1,000 different products, allowing users to quickly log in with a tap.

# How Cmd Integrates with Yubico

Cmd helps companies authenticate and manage user security in Linux production environments without slowing down teams — you don’t need to individually configure identities and devices. Our modern, fast platform integrates with Yubico to add another layer of internal security for companies using 2FA. With our integration, users are authenticated via Yubico’s hardware and one-time password, and all activity is tracked within Cmd’s platform. This way, security goes beyond a one-time authentication to cover any and all activity undertaken within sensitive Linux production environments.

The typical process looks like this:

  • The user logs into the system with their Yubikey
  • Before the login succeeds, Cmd prompts the user to authenticate themselves
  • The user enters their one-time password
  • Once authenticated, the user can access the system
  • Cmd records the session log in real-time, correlating the user’s credentials to their real identity for stronger security and compliance tracking


Additionally, Cmd and Yubico let you:

  • Trigger 2FA validation at the moment of a privilege escalation thru sudo
  • Restrict sensitive actions, such as dumping data from a customer database
  • Set adaptive 2FA controls that depend on time of day, location, or other behavioral factors

Companies using Cmd’s Yubico integration can also take advantage of other features, such as alerting, reporting, and cloud compliance & auditing management.

Copy link