Nostr Web Client

An ssh private key is still on the remote machine, but only readable by your user.

What I want is for that key to be airgapped. And multisig. And everything else you can do to secure, say, a Bitcoin key that only has access to a 1000 sat utxo on chain, but that utxo buys you access to a server. To make it physically impossible to steal or spoof that key.

Diacone Frost 9mo ago

say again? why is the private key on a remote?

Reply to this note

Please Login to reply.

Discussion

Jay 9mo ago

Sorry I was talking from the server's perspective, accepting connections from remote clients.

Diacone Frost 9mo ago

Still not sure if I understand the flow.

It's probably easiest to write a pam plugin.

Jay 9mo ago

That's my plan actually. The plugin hooks into the password flow, sends a challenge token and, expects the signed message back, and authorizes the connection. A talk with AI gave me the configuration code and steps, I just need to do it on a VM and see if it works.