chrome-ssh-agent icon indicating copy to clipboard operation
chrome-ssh-agent copied to clipboard

Published 20 hours ago verified publisher icon google

Disable sync for private keys?

Open rlipscombe opened this issue 6 years ago • 4 comments
trafficstars

Kinda missing the point of the "private" in "private key" if the key is synchronised to all of my Chrome-using devices.

rlipscombe avatar Dec 05 '18 17:12 rlipscombe

Enable/Disable sync. will be a very interesting option to have.

iamhsa avatar Dec 06 '18 18:12 iamhsa

Seems like a reasonable request.

Until that's implemented, note the following:

  • If an encrypted private key is provided, only the encrypted form is synced.
  • Unencrypted private keys are synced only if an unencrypted private key is provided in the first place.

ralimi avatar Apr 21 '19 02:04 ralimi

Another argument against syncing private keys: I tend to have one key per device, allowing me to revoke a specific key if, say, I leave my laptop in the pub.

Note that this only happened once; the laptop had full disk encryption; and it was closing time anyway, so the laptop was locked up in the pub until I collected it the following day anyway. :)

Still revoked that key, though.

rlipscombe avatar Apr 21 '19 18:04 rlipscombe

To do this, we'll need to migrate some of the data that we store in the browser to a slightly different format. I'm starting to add the plumbing to do that. One that starts, it will take a few releases and some time for that migration to take place safely.

At that point, this should be doable.

ralimi avatar Sep 04 '22 05:09 ralimi