Access for Infrastructure now supports independent multi-factor authentication (MFA) for SSH connections using YubiKey PIV keys. This adds a hardware-backed second factor to SSH access, ensuring that a compromised device session alone is not sufficient to reach your servers.
With per-application and per-policy configuration, you can enforce PIV key authentication for sensitive usernames (for example, root) while applying different requirements for other usernames. You can also set an MFA session duration to control how often users must re-authenticate.
Enrollment
Users enroll their YubiKey PIV key through the App Launcher. For enrollment instructions and SSH client setup, refer to Enroll a PIV key for infrastructure apps.
Configuration
For setup instructions, refer to Enforce MFA for infrastructure applications.
Source: Cloudflare
Latest Posts
- Amazon ECS now provides real-time deployment observability in the AWS Management Console

- ECS Service Connect now supports Zone-Aware routing

- MC1411727: Copilot Notebooks Adds AI-Powered Artifact Suggestions for Faster Content Creation

- MC1411726: SharePoint Online Retires Remote Event Receivers and Recommends Migration to Webhooks or Microsoft Graph Notifications






