Passwordless Azure VM SSH login using FIDO2 security keys (Part 2)

This post is a part of a series.

I’ve chosen the scenario where SSH login is only allowed to the user if they are connecting from a compliant device, so I need a Conditional Access policy to enforce that restriction.

Conditional Access Policy

Under cloud apps, I selected “Azure Linux VM Sign-in” and “Azure Windows VM Sign-in”. The demo will just show Linux, but either one will work.

And then I selected to grant access only when the two conditions selected are met:

VM details

The users have been assigned either “Virtual Machine Administrator Login” or “Virtual Machine User Login” roles.

Additionally, this VM was provisioned to allow SSH using Azure AD credentials.

In part 3 of this series we’ll see the passwordless SSH login in action.

2 thoughts on “Passwordless Azure VM SSH login using FIDO2 security keys (Part 2)

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: