Pritunl 1.27 Release Announcement

Version 1.27 of Pritunl has been released. This release adds support for Yubico YubiKeys. The client has also been updated to support YubiKeys.

Yubico YubiKeys

The Pritunl settings now includes options to use use a YubiKey as secondary authentication. The YubiKey authentication can be used with Okta, OneLogin, Slack, Google Apps and SAML. The YubiKey integration uses the Yubico OTP and is compatible with the YubiKey 4, YubiKey 4 Nano, YubiKey Neo and YubiKey 4C.

Authenticating

The YubiKeys when connected will act as a USB keyboard. When the users touches the key a 44 character OTP code will be sent followed by the enter key. This allows compatibility with any device that supports USB keyboards including Linux, macOS, Windows and Android phones with USB-C. YubiKeys are not supported on iOS.

Push Authentication Cache

By default the Pritunl server will only cache push authentications for clients connecting from the same computer and remote IP address. This cache last eight hours after the authentication, the timeout is reset on each reconnect. This release adds an additional cache that uses a token generated by the Pritunl desktop client to cache each push authentication for seven days. Reconnecting will not reset the timeout for this cache, after seven days the user will be required to re-authenticate.

Pritunl Client

The Pritunl Client has also been updated on Linux, macOS and Windows to add support for YubiKeys. Users will be prompted to insert the YubiKey on each connection.

@pritunl

Follow Pritunl on Twitter | Find us on GitHub | Subscribe to our mailing list