Unlocking private key using biometric token
Brian Candler
b.candler at pobox.com
Tue Jun 17 20:06:12 AEST 2025
On 17/06/2025 11:00, Marco Trevisan wrote:
>> Note that, even if you do the above, the protection the fingerprint
>> provides to your private key material is only as strong as your OS'
>> security. If an attacker is able to elevate privilege then they
>> could steal the key material from the agent without your fingerprint.
> Isn't this true for any kind of privilege escalation when the agent is
> in place?
Yes and no.
Yes, if the private key is stored in the agent, and the agent itself
performs the crypto operations.
No, if the private key is stored in a secure enclave, which is
integrated with the fingerprint reader, as with macOS.
In the latter case, (a) the key itself cannot leak, and (b) crypto
operations are only performed with operator consent. (Gummy bears
notwithstanding, you still at least need some physical presence)
More information about the openssh-unix-dev
mailing list