1
I'm curious if this is possible or even recommended.
Let's say that I want to prevent people from being able to steal my SSH or GPG keys if they manage to compromise my user account (Let's call the account user
). So, I want the private portion of the keys on another account that I don't have any permissions to (let's call the account user-keys
). So, if I want to be able to do any sort of SSH or GPG authentication, I need to send that request to the user-keys
account, it does the auth work, then sends back the result to my user
account.
Is this possible to do? If so, how? Also, is this recommended, or is there another better way to protect the keys asides from the obvious be careful with downloading and running software from the internet?