[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"project-6735":3},{"id":4,"name":5,"fullName":6,"owner":7,"repo":5,"description":8,"homepage":9,"htmlUrl":10,"language":11,"languages":10,"totalLinesOfCode":10,"stars":12,"forks":13,"watchers":14,"openIssues":15,"contributorsCount":16,"subscribersCount":16,"size":16,"stars1d":17,"stars7d":18,"stars30d":19,"stars90d":16,"forks30d":16,"starsTrendScore":20,"compositeScore":21,"rankGlobal":10,"rankLanguage":10,"license":22,"archived":23,"fork":23,"defaultBranch":24,"hasWiki":23,"hasPages":23,"topics":25,"createdAt":10,"pushedAt":10,"updatedAt":30,"readmeContent":31,"aiSummary":32,"trendingCount":16,"starSnapshotCount":16,"syncStatus":17,"lastSyncTime":33,"discoverSource":34},6735,"secretive","maxgoedjen\u002Fsecretive","maxgoedjen","Protect your SSH keys with your Mac's Secure Enclave","https:\u002F\u002Fsecretive.dev",null,"Swift",8605,204,53,156,0,2,10,140,8,81.94,"MIT License",false,"main",[26,27,28,29],"mac","secure-enclave","security","ssh","2026-06-12 04:00:30","# Secretive [![Test](https:\u002F\u002Fgithub.com\u002Fmaxgoedjen\u002Fsecretive\u002Factions\u002Fworkflows\u002Ftest.yml\u002Fbadge.svg?branch=main)](https:\u002F\u002Fgithub.com\u002Fmaxgoedjen\u002Fsecretive\u002Factions\u002Fworkflows\u002Ftest.yml) ![Release](https:\u002F\u002Fgithub.com\u002Fmaxgoedjen\u002Fsecretive\u002Fworkflows\u002FRelease\u002Fbadge.svg)\n\n\nSecretive is an app for protecting and managing SSH keys with the Secure Enclave.\n\u003Cpicture>\n  \u003Csource media=\"(prefers-color-scheme: dark)\" srcset=\"\u002F.github\u002Freadme\u002Fapp-dark.png\">\n  \u003Csource media=\"(prefers-color-scheme: light)\" srcset=\"\u002F.github\u002Freadme\u002Fapp-light.png\">\n  \u003Cimg src=\"\u002F.github\u002Freadme\u002Fapp-dark.png\" alt=\"Screenshot of Secretive\" width=\"600\">\n\u003C\u002Fpicture>\n\n\n## Why?\n\n### Safer Storage\n\nThe most common setup for SSH keys is just keeping them on disk, guarded by proper permissions. This is fine in most cases, but it's not super hard for malicious users or malware to copy your private key. If you protect your keys with the Secure Enclave, it's impossible to export them, by design.\n\n### Access Control\n\nIf your Mac has a Secure Enclave, it also has support for strong access controls like Touch ID, or authentication with Apple Watch. You can configure your keys so that they require Touch ID (or Watch) authentication before they're accessed.\n\n\u003Cimg src=\"\u002F.github\u002Freadme\u002Ftouchid.png\" alt=\"Screenshot of Secretive authenticating with Touch ID\" width=\"400\">\n\n### Notifications\n\nSecretive also notifies you whenever your keys are accessed, so you're never caught off guard.\n\n\u003Cimg src=\"\u002F.github\u002Freadme\u002Fnotification.png\" alt=\"Screenshot of Secretive notifying the user\" width=\"600\">\n\n### Support for Smart Cards Too!\n\nFor Macs without Secure Enclaves, you can configure a Smart Card (such as a YubiKey) and use it for signing as well.\n\n## Getting Started\n\n### Installation\n\n#### Direct Download\n\nYou can download the latest release over on the [Releases Page](https:\u002F\u002Fgithub.com\u002Fmaxgoedjen\u002Fsecretive\u002Freleases)\n\n#### Using Homebrew\n\n    brew install secretive\n\n### FAQ\n\nThere's a [FAQ here](FAQ.md).\n\n### Auditable Build Process\n\nBuilds are produced by GitHub Actions with an auditable build and release generation process. Starting with Secretive 3.0, builds are attested using [GitHub Artifact Attestation](https:\u002F\u002Fdocs.github.com\u002Fen\u002Factions\u002Fconcepts\u002Fsecurity\u002Fartifact-attestations). Attestations are viewable in the build log for a build, and also on the [main attestation page](https:\u002F\u002Fgithub.com\u002Fmaxgoedjen\u002Fsecretive\u002Fattestations).\n\n### A Note Around Code Signing and Keychains\n\nWhile Secretive uses the Secure Enclave to protect keys, it still relies on Keychain APIs to store and access them. Keychain restricts reads of keys to the app (and specifically, the bundle ID) that created them. If you build Secretive from source, make sure you are consistent in which bundle ID you use so that the Keychain is able to locate your keys.\n\n### Backups and Transfers to New Machines\n\nBecause secrets in the Secure Enclave are not exportable, they are not able to be backed up, and you will not be able to transfer them to a new machine. If you get a new Mac, just create a new set of secrets specific to that Mac.\n\n## Security\n\nSecretive's security policy is detailed in [SECURITY.md](SECURITY.md). To report security issues, please use [GitHub's private reporting feature.](https:\u002F\u002Fdocs.github.com\u002Fen\u002Fcode-security\u002Fsecurity-advisories\u002Fguidance-on-reporting-and-writing-information-about-vulnerabilities\u002Fprivately-reporting-a-security-vulnerability#privately-reporting-a-security-vulnerability)\n\n## Acknowledgements\n\n### sekey\nSecretive was inspired by the [sekey project](https:\u002F\u002Fgithub.com\u002Fsekey\u002Fsekey).\n\n### Localization\nSecretive is localized to many languages by a generous team of volunteers. To learn more, see [LOCALIZING.md](LOCALIZING.md). Secretive's localization workflow is generously provided by [Crowdin](https:\u002F\u002Fcrowdin.com).\n","Secretive 是一个用于通过 Mac 的安全芯片（Secure Enclave）保护和管理 SSH 密钥的应用程序。其核心功能包括利用硬件级加密技术存储密钥，防止密钥被导出，并支持通过 Touch ID 或 Apple Watch 进行访问控制，确保只有授权用户才能使用这些密钥。此外，Secretive 还提供通知功能，当密钥被访问时会及时提醒用户。对于没有 Secure Enclave 的设备，该应用还支持智能卡如 YubiKey 作为替代方案。此工具非常适合需要高度安全保障的开发人员或企业环境，在日常工作中增强 SSH 访问的安全性。","2026-06-11 03:08:35","top_language"]