by Foxboron 1056 days ago
>Are you sure about that? Presumably the secret parts of the SSH key are being read into memory at some point, or a RCE could dump the key the same way ssh-tpm-agent does.

This is not how ssh-tpm-agent works. It does the key signing inside the TPM so you do not have access to the key on the machine itself.

The private key never hits memory or the machine itself.