TPM keys and user presence

Anton Khirnov anton at khirnov.net
Sat Jul 5 18:55:10 AEST 2025


Quoting Brian Candler (2025-07-05 09:39:13)
> On 05/07/2025 06:52, Anton Khirnov wrote:
> > - I have to enter the PIN on every use, which is highly inconvenient and
> >    increases the likelihood the entry will be observed (e.g. in a public
> >    environment with cameras)
> > - the key is in the agent and PIN is not required, then any program that
> >    can access the agent can silently SSH all it wants
> 
> If the private key is actually in the agent, then you can flag that key 
> to require confirmation on each use. With a normal key, it would be 
> "ssh-add -c". That normally just means clicking "OK"; you don't have to 
> enter a PIN.

Thank you, that seems to be exactly what I was looking for.

> I don't know how easy it would be for a rogue program that 
> accesses the socket to spoof the confirmation too.

Seems that askpass does forbid ptrace on itself, so attaching with gdb
and calling exit(0) does work. As, presumably, would injecting
appropriate X11 events into its window.
But still, I'd say it raises the barrier quite significantly.

> However, I don't use a TPM, and I'm surprised that the TPM allows the 
> private key to be released to the agent in the first place.

I don't think it does, AFAIU the agent only contains some sort of a
handle rather than the actual private key. But then again I don't have a
complete grasp on how all the pieces work, so it'd be nice if someone
more knowledgeable could confirm this.

Cheers,
-- 
Anton Khirnov
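What "ssh-add -c" actually conveys to the agent is a constraint on the identity, not a change to the key: the client sends SSH_AGENTC_ADD_ID_CONSTRAINED with the SSH_AGENT_CONSTRAIN_CONFIRM constraint appended, and the agent then refuses to sign with that key unless its askpass confirmation succeeds. The following is an added example, not code from this thread or from OpenSSH: it encodes that message in the ssh-ed25519 private-key layout, parses it on a toy agent, and gates sign requests on a confirm callback. The message numbers and constraint types are the ones defined in the SSH agent protocol draft (draft-miller-ssh-agent); the key bytes are constructed, the HMAC stands in for a real ed25519 signature, and `ask_user` stands in for ssh-askpass.

```python
import hashlib
import hmac
import struct
from typing import Callable, Optional, Tuple

# Message numbers and constraint types from the SSH agent protocol
# (draft-miller-ssh-agent). "ssh-add -c" sends ADD_ID_CONSTRAINED with the
# CONFIRM constraint; "ssh-add -t N" adds a LIFETIME constraint instead.
SSH_AGENT_FAILURE = 5
SSH_AGENT_SUCCESS = 6
SSH_AGENTC_ADD_IDENTITY = 17
SSH_AGENTC_ADD_ID_CONSTRAINED = 25
SSH_AGENT_CONSTRAIN_LIFETIME = 1
SSH_AGENT_CONSTRAIN_CONFIRM = 2


def put_string(b: bytes) -> bytes:
    """SSH wire 'string': uint32 big-endian length followed by the bytes."""
    return struct.pack(">I", len(b)) + b


def get_string(buf: bytes, off: int) -> Tuple[bytes, int]:
    """Decode one wire string at buf[off:], returning (bytes, new_offset)."""
    (n,) = struct.unpack_from(">I", buf, off)
    off += 4
    return buf[off:off + n], off + n


def build_add_identity(pub: bytes, priv: bytes, comment: bytes,
                       confirm: bool = False,
                       lifetime: Optional[int] = None) -> bytes:
    """Encode what ssh-add sends for an ssh-ed25519 key:
    string "ssh-ed25519", string pub, string priv, string comment,
    then zero or more constraints. Returns the length-framed message."""
    body = (put_string(b"ssh-ed25519") + put_string(pub)
            + put_string(priv) + put_string(comment))
    constraints = b""
    if lifetime is not None:
        constraints += bytes([SSH_AGENT_CONSTRAIN_LIFETIME]) + struct.pack(">I", lifetime)
    if confirm:
        constraints += bytes([SSH_AGENT_CONSTRAIN_CONFIRM])
    if constraints:
        msg = bytes([SSH_AGENTC_ADD_ID_CONSTRAINED]) + body + constraints
    else:
        msg = bytes([SSH_AGENTC_ADD_IDENTITY]) + body
    return put_string(msg)


class ToyAgent:
    """Minimal in-process model of how an agent stores and enforces constraints."""

    def __init__(self) -> None:
        self.keys = {}  # pub -> {"priv", "comment", "confirm", "lifetime"}

    def handle_add(self, framed: bytes) -> int:
        msg, _ = get_string(framed, 0)
        mtype, off = msg[0], 1
        key_type, off = get_string(msg, off)
        if key_type != b"ssh-ed25519":  # this toy only knows one key layout
            return SSH_AGENT_FAILURE
        pub, off = get_string(msg, off)
        priv, off = get_string(msg, off)
        comment, off = get_string(msg, off)
        entry = {"priv": priv, "comment": comment, "confirm": False, "lifetime": None}
        if mtype == SSH_AGENTC_ADD_ID_CONSTRAINED:
            while off < len(msg):
                ctype, off = msg[off], off + 1
                if ctype == SSH_AGENT_CONSTRAIN_LIFETIME:
                    (entry["lifetime"],) = struct.unpack_from(">I", msg, off)
                    off += 4
                elif ctype == SSH_AGENT_CONSTRAIN_CONFIRM:
                    entry["confirm"] = True
                else:
                    return SSH_AGENT_FAILURE  # unknown constraint: refuse the key
        elif mtype != SSH_AGENTC_ADD_IDENTITY:
            return SSH_AGENT_FAILURE
        self.keys[pub] = entry
        return SSH_AGENT_SUCCESS

    def sign(self, pub: bytes, data: bytes,
             ask_user: Callable[[bytes], bool]) -> Tuple[int, Optional[bytes]]:
        """A CONFIRM-flagged key is used only if ask_user(comment) returns True.
        ask_user stands in for ssh-askpass; HMAC-SHA256 stands in for ed25519."""
        entry = self.keys.get(pub)
        if entry is None:
            return SSH_AGENT_FAILURE, None
        if entry["confirm"] and not ask_user(entry["comment"]):
            return SSH_AGENT_FAILURE, None
        return SSH_AGENT_SUCCESS, hmac.new(entry["priv"], data, hashlib.sha256).digest()


if __name__ == "__main__":
    # Constructed key material, not a real key.
    agent = ToyAgent()
    framed = build_add_identity(b"\x01" * 32, b"\x02" * 64, b"laptop", confirm=True)
    print("add:", agent.handle_add(framed) == SSH_AGENT_SUCCESS)
    print("sign, user declines:", agent.sign(b"\x01" * 32, b"x", lambda c: False)[0])
    print("sign, user confirms:", agent.sign(b"\x01" * 32, b"x", lambda c: True)[0])
```

The point the model makes visible is that the confirmation lives entirely in the agent process: a client on the socket cannot bypass it through the protocol, which is why the remaining question in the thread is about the strength of the askpass prompt itself rather than about the socket interface.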
