• CHEF-KOCH@lemmy.mlOP
    link
    fedilink
    arrow-up
    2
    arrow-down
    3
    ·
    3 years ago

    You could store it via KeePass and ~/.ssh can only read out by your Browser if you are using the same user account to run both, so I would recommend storing ssh-keys in the home directory of another user account. Another way would be to encrypt ~/.ssh if you store your keys there.

    • jokeyrhyme@lemmy.ml
      link
      fedilink
      arrow-up
      3
      ·
      3 years ago

      I was sort of cheeky with my ~/.ssh example, because I’m actually 100% on Yubikeys for my SSH private keys, so there’s only public keys in that directory now

      But, with my setup ( https://gitlab.com/jokeyrhyme/dotfiles/-/blob/main/packages/flatpak-update.sh#L66 ) I run flatpak override --user --nofilesystem=home ... for a few things like flatpak web browsers (really, I should run this for everything)

      It’s all about defense-in-depth: putting up as many barriers as I can before the getting inconvenienced more than I’d like, and flatpak is so easy for me to use that there isn’t any inconvenience at all