It's much safer to export a key one time and import it into a new machine, or st... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		asteroidburger 10 hours ago \| parent \| context \| favorite \| on: Native Secure Enclave backed SSH keys on macOS It's much safer to export a key one time and import it into a new machine, or store it in a secure backup, than to keep it just hanging out on disk for eternity, and potentially get scooped up by whatever malware happens to run on your machine.

Nextgrid 6 hours ago [–]

Any malware capable of exfiltrating a file from your home folder is also capable of calling the export command and tricking you into providing biometrics.

asteroidburger 40 minutes ago | [–]

Not necessarily; "read file" is very different from "execute command." The biometrics part is a substantial lift as well.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact