On 05/07/2025 06:52, Anton Khirnov wrote:
> - I have to enter the PIN on every use, which is highly inconvenient and
>   increases the likelihood the entry will be observed (e.g. in a public
>   environment with cameras)
> - the key is in the agent and PIN is not required, then any program that
>   can access the agent can silently SSH all it wants
If the private key is actually in the agent, then you can flag that key to require confirmation on each use. With a normal key, it would be "ssh-add -c". That normally just means clicking "OK"; you don't have to enter a PIN. I don't know how easy it would be for a rogue program that accesses the socket to spoof the confirmation too.
However, I don't use a TPM, and I'm surprised that the TPM allows the private key to be released to the agent in the first place.
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
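The confirmation constraint discussed in the reply above, as an added example that is not part of the thread or of OpenSSH itself: a throwaway ed25519 key is loaded into a private ssh-agent with "ssh-add -c" (confirm every use) and "ssh-add -t 300" (forget the key after five minutes), and a signing request is then sent through the agent. The point it makes about the spoofing question is that the askpass program is started by the agent process, from the agent's own environment, not by the client talking to the socket; a client can only send a sign request and receives a failure if the prompt is refused. The askpass script here records each request and refuses it, which is an auditing stand-in for the graphical "OK" dialog a desktop askpass would show. The working directory, the askpass script, the "demo-key" comment and the ASKPASS_LOG variable are constructed for this example; the SSH_ASKPASS and SSH_ASKPASS_REQUIRE variables are real OpenSSH ones (SSH_ASKPASS_REQUIRE=force needs OpenSSH 8.4 or later; older agents only call askpass when DISPLAY is set).

```shell
#!/bin/sh
# Added example (not from the thread or from OpenSSH): load a throwaway key
# into a private ssh-agent with per-use confirmation (-c) and a lifetime (-t),
# then show that confirmation is carried out by the agent itself via the
# askpass program in the agent's environment, so a client that only holds the
# socket gets a signing failure when the prompt is refused.
set -eu

for tool in ssh-agent ssh-add ssh-keygen; do
    command -v "$tool" >/dev/null 2>&1 ||
        { echo "$tool not found; nothing to demonstrate" >&2; exit 0; }
done

WORK=$(mktemp -d)                       # constructed scratch directory
export ASKPASS_LOG="$WORK/askpass.log"  # constructed: where the askpass logs
: > "$ASKPASS_LOG"
trap 'ssh-agent -k >/dev/null 2>&1 || true; rm -rf "$WORK"' EXIT

# Askpass helper the agent runs on every use of a key added with -c. $1 is the
# agent's prompt ("Allow use of key ...?" plus the fingerprint). This one
# audits the request and refuses it; a desktop askpass shows a dialog and
# exits 0 when the user clicks OK.
cat > "$WORK/askpass.sh" <<'EOF'
#!/bin/sh
printf 'DENIED %s %s\n' "$(date -u +%Y-%m-%dT%H:%M:%SZ)" \
    "$(printf '%s' "$1" | tr '\n' ' ')" >> "$ASKPASS_LOG"
exit 1   # non-zero exit = use not allowed
EOF
chmod +x "$WORK/askpass.sh"

# ssh-agent reads SSH_ASKPASS from its own environment at startup and only
# runs it when DISPLAY is set or SSH_ASKPASS_REQUIRE=force (OpenSSH 8.4+).
export SSH_ASKPASS="$WORK/askpass.sh" SSH_ASKPASS_REQUIRE=force
eval "$(ssh-agent -s)" >/dev/null

ssh-keygen -q -t ed25519 -N '' -f "$WORK/id_demo" -C demo-key
ssh-add -c -t 300 "$WORK/id_demo" 2>/dev/null  # -c confirm each use, -t expire
rm "$WORK/id_demo"                              # only the agent holds it now

# True when the agent lists the demo key.
agent_has_demo_key() { ssh-add -l 2>/dev/null | grep -q demo; }

# Ask the agent to sign a file through ssh-keygen -Y sign (it uses the agent
# because only the public half is on disk). Returns 0 when the agent refused
# and no signature file was produced.
sign_via_agent_denied() {
    printf 'hello\n' > "$WORK/msg"
    if ssh-keygen -Y sign -f "$WORK/id_demo.pub" -n demo "$WORK/msg" \
        >/dev/null 2>&1; then
        return 1
    fi
    [ ! -e "$WORK/msg.sig" ]
}

# Number of confirmation prompts the agent has raised so far.
askpass_prompt_count() { wc -l < "$ASKPASS_LOG" | tr -d ' '; }

agent_has_demo_key && echo "key loaded with confirm and lifetime constraints"
sign_via_agent_denied && echo "signing request refused by the agent's askpass"
echo "prompts recorded: $(askpass_prompt_count)"
cat "$ASKPASS_LOG"
```

Run it as an ordinary user with no existing agent needed; it starts and kills its own. Replacing the "exit 1" in the askpass script with a real prompt gives the click-to-approve behaviour the reply describes, and the log shows that every use of the constrained key, from whichever process, goes through that prompt.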