by Sentes 1969 days ago
> There's no way to force the remote SSH client not to store that RSA private key unencrypted

But there is a way to remotely attest that the private key has been generated on device (either through TPM attestation or https://developers.yubico.com/PGP/Attestation.html ).

Not to mention that the admin could just generate private keys on the token and give employees that.

1 comments

I was unaware of these options, thank you.