install.doctor icon indicating copy to clipboard operation
install.doctor copied to clipboard

Published 20 hours ago verified publisher icon megabyte-labs

Automatically setup `secretive`

Open ProfessorManhattan opened this issue 2 years ago • 2 comments
trafficstars

💡 Feature/Idea

On macOS, we can improve SSH security by adding our keys to the Secure Enclave. Detect the presence of secretive and if it is installed then move all the keys in the ~/.ssh folder to the Secure Enclave. Add this script to home/.chezmoiscripts/universal and be sure to make sure that the macOS device to Secure Enclave compatible.

:thumbsup: Can you contribute?

No response

ProfessorManhattan avatar Apr 19 '23 04:04 ProfessorManhattan

@ProfessorManhattan, Secure Enclave does not allow import/export of keys. Keys that need to be protected using Secure Enclave need to be created using Secure Enclave - details available here and here.

enggnr avatar Jul 03 '23 07:07 enggnr

Hey @enggnr -- let's just generate one key of each type and name it id_enclave for instance. That way we leverage / setup the technology in case its ever useful to us.

ProfessorManhattan avatar Jul 04 '23 04:07 ProfessorManhattan