encrypt ssh private keys with the tpm

2024-12-03 16:40:01 -05:00 · 2024-12-03 16:40:01 -05:00 · d5db083507
commit d5db083507
parent 0291524082
3 changed files with 16 additions and 0 deletions
--- a/nixos/tpm.nix
+++ b/nixos/tpm.nix
@ -0,0 +1,9 @@
+{ user, ... }:
+{
+  security.tpm2 = {
+    enable = true;
+    pkcs11.enable = true;
+    tctiEnvironment.enable = true;
+  };
+  users.users.${user}.extraGroups = [ "tss" ];
+}