sekey/sekey

Features

• Hardware Security Key Authentications - Provides hardware-backed SSH authentication using secure enclaves and biometric verification to isolate private keys.
• Biometric-Gated Signing - Implements biometric-gated request signing, requiring hardware verification before signing cryptographic challenges.
• Hardware-Internal Key Generation - Generates and stores cryptographic key pairs directly within a hardware enclave to prevent exposure.
• Hardware Key Lifecycle Management - Allows the creation, listing, and deletion of cryptographic keys directly within secure hardware.
• Hardware-Backed Security - Implements hardware-backed access control by requiring biometric or hardware verification for remote server sessions.
• Hardware-Backed SSH Key Managers - Provides a manager for storing and managing SSH private keys within a hardware security module.
• Secure Enclaves - Performs all signing and decryption operations inside a protected secure enclave to isolate sensitive material.
• Hardware-Backed Key Storage - Stores private keys inside a secure enclave to ensure they cannot be extracted or accessed by system memory.
• Hardware Key Isolation - Isolates SSH private keys from system memory by performing signing operations inside a hardware module.
• SSH Protocol Bridges - Acts as a middleware bridge connecting standard SSH protocols to hardware-based signing mechanisms.
• Hardware Key Serialization - Transforms internal hardware key formats into standard public key strings compatible with remote server authorization.
• SSH Agent Integrations - Functions as an SSH authentication agent that signs requests using hardware security and biometric verification.
• Hardware Public Key Exporters - Converts hardware-resident keys into standard public key formats for remote server authorization.
• Public Key Serializations - Converts hardware keys into standard SSH public key serializations for distribution to authorized_keys files.

Star history