Remix.run Logo
pianopatrick 2 hours ago

You could move your SSH keys onto a password encrypted usb drive that you physically remove from the computer.

wrxd an hour ago | parent [-]

An alternative is to use ssh keys stored in the Secure Enclave with tools like https://secretive.dev/

pianopatrick an hour ago | parent [-]

Seems to me a tool like that would stop the agent from sending those specific keys elsewhere. But a tool like that would not stop the agent who is acting as you from using the SSH keys via the CLI. You would want to combine that with other tactics like having the agent run as some other user.

samhclark an hour ago | parent [-]

Secretive (and the similar built-in functionality [1]) both allow you to require TouchID too. I found an okay balance using two SSH keys: one for commit signing (w/o TouchID) and one for everything else (requires TouchID, or PIN on Linux)

So, the actions that I really don't want the agent to take (establishing an SSH connection, pushing to a git remote) always require my manual intervention.

[1] https://gist.github.com/arianvp/5f59f1783e3eaf1a2d4cd8e952bb...