Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


Skip to content
  • Categories
  • Recent
  • Tags
  • Popular
  • Bookmarks
  • Search
Skins
  • Light
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor

  • Default (No Skin)
  • No Skin
Collapse
Brand Logo

Cloudron Forum

Apps | Demo | Docs | Install
  1. Cloudron Forum
  2. Discuss
  3. Yubikey to secure servers.. has anyone tried it?

Yubikey to secure servers.. has anyone tried it?

Scheduled Pinned Locked Moved Discuss
34 Posts 6 Posters 6.5k Views 7 Watching
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • humptydumptyH humptydumpty

    @timconsidine No, I still have my domains at their respective registrars. You just edit the nameservers to cloudflare and you're set.

    Cloudflare Nameservers
    To use Cloudflare, ensure your authoritative DNS servers, or nameservers have been changed. These are your assigned Cloudflare nameservers.
    Type	Value
    NS	sunny.ns.cloudflare.com
    NS	terin.ns.cloudflare.com
    

    BTW, renewal prices have gone up. The .com was $8.57 and it has gone up to $9.15. Namesilo sent an email back in aug-sep(?) about the price increase so it must be ICANN mandated.

    timconsidineT Offline
    timconsidineT Offline
    timconsidine
    App Dev
    wrote on last edited by
    #22

    @humptydumpty thank you

    I use my Nominet account for *.UK and dynadot for all else.
    Dynadot seem similar prices.

    1 Reply Last reply
    1
    • timconsidineT timconsidine

      @BrutalBirdie thank you !
      For some reason I struggle with Cloudflare.
      Must try harder - I'm sure it's within my grasp πŸ™‚

      fbartelsF Offline
      fbartelsF Offline
      fbartels
      App Dev
      wrote on last edited by
      #23

      @timconsidine i recently documented the steps in a little blog post. https://blog.9wd.eu/posts/9wd-tech-external-services/

      timconsidineT 1 Reply Last reply
      2
      • fbartelsF fbartels

        @timconsidine i recently documented the steps in a little blog post. https://blog.9wd.eu/posts/9wd-tech-external-services/

        timconsidineT Offline
        timconsidineT Offline
        timconsidine
        App Dev
        wrote on last edited by
        #24

        @fbartels thank you !

        1 Reply Last reply
        1
        • humptydumptyH Offline
          humptydumptyH Offline
          humptydumpty
          wrote on last edited by humptydumpty
          #25

          @jdaviescoates during the mess of figuring out how to get to that offer button, I created a new account and signed up for the offer just like you did. I received an email yesterday with the "decline" and telling me how to become eligible. The sad part is that I haven't received the coupon on my eligible account yet.

          1 Reply Last reply
          1
          • humptydumptyH Offline
            humptydumptyH Offline
            humptydumpty
            wrote on last edited by
            #26

            Update: I received my coupon email earlier today.

            The email came from (add it to your whitelist):

            resources {{a.t.}} info [.d.0.t.] yubico [.d.0.t.] com
            
            Congratulations! You are one step closer to activating phishing-resistant MFA with industry leading Yubico security keys at an exclusive 'good for the Internet' price.
            
            Even better news! For a limited time, we're excited to surprise you with an upgrade to our multi-protocol YubiKey 5 Series!
            
            You are now eligible to purchase up to 4 individual YubiKey 5 NFC or YubiKey 5C NFC (minimum 2) starting as low as $10 USD.  
            
            Ready to get started with the YubiKey?
            Here is your single-use coupon for up to four (4) YubiKey 5 NFC or YubiKey 5C NFC (minimum 2) keys for as low as $10 USD or €10 Euros at www.yubico.com
            
            But there is more…. 
            
            Looking to purchase more YubiKeys? YubiEnterprise Subscription provides flexible purchasing options of YubiKeys, predictable spend, premium support and a lower cost to entry.
            
            Cloudflare customers with 500 or more users are eligible to receive an exclusive 50% discount off their first year of YubiEnterprise Subscription.
            
            BrutalBirdieB 1 Reply Last reply
            2
            • humptydumptyH humptydumpty

              Update: I received my coupon email earlier today.

              The email came from (add it to your whitelist):

              resources {{a.t.}} info [.d.0.t.] yubico [.d.0.t.] com
              
              Congratulations! You are one step closer to activating phishing-resistant MFA with industry leading Yubico security keys at an exclusive 'good for the Internet' price.
              
              Even better news! For a limited time, we're excited to surprise you with an upgrade to our multi-protocol YubiKey 5 Series!
              
              You are now eligible to purchase up to 4 individual YubiKey 5 NFC or YubiKey 5C NFC (minimum 2) starting as low as $10 USD.  
              
              Ready to get started with the YubiKey?
              Here is your single-use coupon for up to four (4) YubiKey 5 NFC or YubiKey 5C NFC (minimum 2) keys for as low as $10 USD or €10 Euros at www.yubico.com
              
              But there is more…. 
              
              Looking to purchase more YubiKeys? YubiEnterprise Subscription provides flexible purchasing options of YubiKeys, predictable spend, premium support and a lower cost to entry.
              
              Cloudflare customers with 500 or more users are eligible to receive an exclusive 50% discount off their first year of YubiEnterprise Subscription.
              
              BrutalBirdieB Offline
              BrutalBirdieB Offline
              BrutalBirdie
              Partner
              wrote on last edited by
              #27

              I got my for Yubikeys today. πŸ™‚

              Like my work? Consider donating a drink. Cheers!

              humptydumptyH 1 Reply Last reply
              2
              • BrutalBirdieB BrutalBirdie

                I got my for Yubikeys today. πŸ™‚

                humptydumptyH Offline
                humptydumptyH Offline
                humptydumpty
                wrote on last edited by
                #28

                @BrutalBirdie Nice! I got mine yesterday (a day ahead of estimated delivery). I just got around to setting mine up. Vaultwarden (webauthn method) works great. I tried to secure my laptop login (W11 Home on a local account) but it's still logging me in without the Yubikey. The drive isn't encrypted so that might have something to do with it. I read that Bitlocker is only available on the Pro version, not Home. I can use Drive Encryption instead but it's asking to log into a Microsoft account. It's days like these when I curse the devs of my work related software for not supporting Linux!

                1 Reply Last reply
                1
                • humptydumptyH Offline
                  humptydumptyH Offline
                  humptydumpty
                  wrote on last edited by
                  #29

                  How are you all carrying your Yubikey around?

                  fbartelsF 1 Reply Last reply
                  0
                  • humptydumptyH humptydumpty

                    How are you all carrying your Yubikey around?

                    fbartelsF Offline
                    fbartelsF Offline
                    fbartels
                    App Dev
                    wrote on last edited by
                    #30

                    @humptydumpty i'm just carrying mine on my keychain. They are very robust. No problems so far with my 9+ years old key.

                    BrutalBirdieB 1 Reply Last reply
                    2
                    • fbartelsF fbartels

                      @humptydumpty i'm just carrying mine on my keychain. They are very robust. No problems so far with my 9+ years old key.

                      BrutalBirdieB Offline
                      BrutalBirdieB Offline
                      BrutalBirdie
                      Partner
                      wrote on last edited by
                      #31

                      Here is my workflow with yubikeys (from now on short yk).

                      I have three.

                      • 1x Mobile
                      • 1x Stationary
                      • 1x Backup

                      If a webpage offers FIDO support, great! But? Only 1 key? The site must have multi key support. Good examples are Github, Hetzner and may more.
                      A BAD Example is kraken.com! A Crypto trading platform which only supports ONE KEY!
                      I had a lengthy discussion with one of the support head members who promised me, multi keys will be available soon. The all known SOONβ„’.

                      If not, I use the TOTP feature from the yk.

                      This way I can always sync mobile and stationary and every quarter of the year I get my backup key from the bank vault and sync it as well.

                      This way I always a duo setup and 1x spare in case of absolute disaster.

                      I've been running this setup for quite some time and the vault key can be a bit annoying, but security over comfort.

                      πŸ™‚

                      Like my work? Consider donating a drink. Cheers!

                      humptydumptyH 1 Reply Last reply
                      3
                      • BrutalBirdieB BrutalBirdie

                        Here is my workflow with yubikeys (from now on short yk).

                        I have three.

                        • 1x Mobile
                        • 1x Stationary
                        • 1x Backup

                        If a webpage offers FIDO support, great! But? Only 1 key? The site must have multi key support. Good examples are Github, Hetzner and may more.
                        A BAD Example is kraken.com! A Crypto trading platform which only supports ONE KEY!
                        I had a lengthy discussion with one of the support head members who promised me, multi keys will be available soon. The all known SOONβ„’.

                        If not, I use the TOTP feature from the yk.

                        This way I can always sync mobile and stationary and every quarter of the year I get my backup key from the bank vault and sync it as well.

                        This way I always a duo setup and 1x spare in case of absolute disaster.

                        I've been running this setup for quite some time and the vault key can be a bit annoying, but security over comfort.

                        πŸ™‚

                        humptydumptyH Offline
                        humptydumptyH Offline
                        humptydumpty
                        wrote on last edited by
                        #32

                        @BrutalBirdie said in Yubikey to secure servers.. has anyone tried it?:

                        1x Mobile
                        1x Stationary
                        1x Backup

                        I love the idea of having a stationary key. A Bio key attached to a USB extension cable hidden under the desk would be ideal for me πŸ™‚

                        1 Reply Last reply
                        3
                        • humptydumptyH Offline
                          humptydumptyH Offline
                          humptydumpty
                          wrote on last edited by
                          #33

                          Is anyone using a Yubikey to secure a Windows 11 local account?

                          I upgraded to Pro, activated Bitlocker, and only have user/pass option active for signing in (no PIN, Windows Hello, etc.). It still signs me in without inserting a Yubikey. This is maddening!

                          BrutalBirdieB 1 Reply Last reply
                          0
                          • humptydumptyH humptydumpty

                            Is anyone using a Yubikey to secure a Windows 11 local account?

                            I upgraded to Pro, activated Bitlocker, and only have user/pass option active for signing in (no PIN, Windows Hello, etc.). It still signs me in without inserting a Yubikey. This is maddening!

                            BrutalBirdieB Offline
                            BrutalBirdieB Offline
                            BrutalBirdie
                            Partner
                            wrote on last edited by
                            #34

                            @humptydumpty Windows no, my gaming windows only has password disk encryption but my linux has disk encryption 2fa support.

                            Sorry can't share anything on windows 🀷

                            Like my work? Consider donating a drink. Cheers!

                            1 Reply Last reply
                            1
                            Reply
                            • Reply as topic
                            Log in to reply
                            • Oldest to Newest
                            • Newest to Oldest
                            • Most Votes


                            • Login

                            • Don't have an account? Register

                            • Login or register to search.
                            • First post
                              Last post
                            0
                            • Categories
                            • Recent
                            • Tags
                            • Popular
                            • Bookmarks
                            • Search