> There's no way to force the remote SSH client not to store that RSA private key unencrypted But there is a way to remotely attest that the private key has been generated on device (either through TPM attestation or…
> There's no way to force the remote SSH client not to store that RSA private key unencrypted But there is a way to remotely attest that the private key has been generated on device (either through TPM attestation or…