

Secretive is an app for storing and managing SSH keys in the Secure Enclave. It is inspired by the sekey project, but rewritten in Swift with no external dependencies and with a handy native management app.

The most common setup for SSH keys is just keeping them on disk, guarded by proper permissions. This is fine in most cases, but it's not super hard for malicious users or malware to copy your private key. If you store your keys in the Secure Enclave, it's impossible to export them, by design.

If your Mac has a Secure Enclave, it also has support for strong access controls like Touch ID, or authentication with Apple Watch. You can configure your keys so that they require Touch ID (or Watch) authentication before they're accessed.
