Put your SSH keys in your TPM chip

What Remy van Elst showed
Security tinkerer Remy van Elst has published a detailed how-to for moving SSH private keys into a machine’s TPM, arguing it’s a sensible middle ground between keeping id_rsa on disk and using a portable hardware token. The guide walks through creating a persistent PKCS#11 store, adding a token, and importing keys. Note that the private key itself isn’t literally stored inside the TPM: it is kept encrypted in a SQLite file that only the TPM can unwrap when needed. Most machines now ship with a TPM (thanks in part to Windows 11 requirements), so this is an accessible option for a lot of users.
How it works, in plain English
The TPM acts like a locked vault tied to the device: it can hold or unwrap keys when requested, but you don’t get raw key material living on your filesystem or floating in an ssh-agent. The TPM’s limited internal storage is not a problem, because keys are stored encrypted outside the chip and only loaded into TPM memory on use. Practical tips from the guide include generating keys offline and importing them into the TPM (so you can back them up), using shell-safe tricks to avoid leaking PINs into history, and recompiling tpm2-tools with --with-fapi=no to avoid certain runtime errors.
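The workflow summarised above, as an added example (this is not code from the guide): a POSIX shell wrapper around tpm2_ptool that creates the store and token, imports an offline-generated RSA key, and reads PINs from the terminal so they never appear in shell history. The module path, store location and the labels are assumptions; adjust them for your distribution.

```shell
#!/usr/bin/env sh
# Added example: wrapper around the tpm2-pkcs11 steps the guide describes
# (init store -> add token -> import key -> use the key over PKCS#11).
# Assumes tpm2-pkcs11, tpm2-tools and OpenSSH are installed; paths are assumptions.
set -eu

STORE="${TPM2_PKCS11_STORE:-$HOME/.tpm2_pkcs11}"  # SQLite-backed store, lives outside the chip
MODULE="${TPM2_PKCS11_MODULE:-/usr/lib/x86_64-linux-gnu/pkcs11/libtpm2_pkcs11.so}"
TOKEN_LABEL="ssh"   # assumed token label

# Read a PIN from stdin without echo, so it is never typed as a command
# argument and never lands in shell history (portable: no bash-only read -s).
read_pin() {
  pin=""
  if [ -t 0 ]; then stty -echo; fi
  IFS= read -r pin
  if [ -t 0 ]; then stty echo; printf '\n' >&2; fi
  printf '%s' "$pin"
}

# One-time creation of the persistent store and a token inside it.
tpm_ssh_init_token() {
  sopin="$1"; userpin="$2"
  mkdir -p "$STORE" && chmod 700 "$STORE"
  tpm2_ptool init --path="$STORE"
  tpm2_ptool addtoken --pid=1 --label="$TOKEN_LABEL" \
      --sopin="$sopin" --userpin="$userpin" --path="$STORE"
}

# Import a key generated offline (and already backed up). tpm2_ptool addkey
# would instead generate it inside the TPM, with no way to back it up.
tpm_ssh_import_key() {
  userpin="$1"; privkey="$2"; keylabel="${3:-id_rsa_tpm}"
  tpm2_ptool import --label="$TOKEN_LABEL" --key-label="$keylabel" \
      --userpin="$userpin" --privkey="$privkey" --algorithm=rsa --path="$STORE"
  # Print the public half for authorized_keys; the private half stays encrypted in the store.
  ssh-keygen -D "$MODULE"
}

# Interactive driver, enabled with TPM_SSH_RUN=1 ./script.sh /path/to/private.pem
if [ "${TPM_SSH_RUN:-0}" = 1 ]; then
  printf 'SO PIN: ' >&2;   sopin=$(read_pin)
  printf 'User PIN: ' >&2; userpin=$(read_pin)
  tpm_ssh_init_token "$sopin" "$userpin"
  tpm_ssh_import_key "$userpin" "${1:?path to private key}"
  ssh-add -s "$MODULE"   # ssh-agent signs via PKCS#11; ssh -I "$MODULE" also works
fi
```

The PIN is kept out of history but still passes through tpm2_ptool's argument list, so it is briefly visible to other local users via the process table; on a shared host, run the setup steps under a dedicated account.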
Caveats, risks and the bottom line
It’s more secure than a plain file, but it’s not a magic wand. TPMs are device-bound and don’t require the physical presence (a touch) that a YubiKey or Nitrokey would, which is a trade-off between convenience and tamper resistance. Also, some consumer motherboards can wipe TPM contents during BIOS updates, and past flaws like ROCA (CVE-2017-15361) are a reminder that firmware and vendor implementations matter. So: yes, put your SSH keys in the TPM if you want stronger protection than files; just back them up, mind firmware updates, and don’t treat the TPM as a portable HSM.
Sources: raymii.org, Lobsters