SSH key brokering
An SSH private key on a laptop is a key on a laptop — copyable, exfiltratable, and impossible to truly
revoke once it’s been on disk. Veil’s SSH brokering keeps the private key off the client entirely.
Veil holds your SSH key encrypted and signs authentication challenges server-side with ed25519.
Your git push and ssh commands work exactly as before — but every signature happens at Veil, and
the private key is never on the machine doing the connecting.
Public key out, private key never
You get an SSH key into Veil one of two ways, and both leave the private half sign-only:
- Generate a new key inside Veil. You receive the public key to paste into GitHub or onto your servers. The private key is created and stored encrypted; it is never displayed.
- Import an existing ed25519 key. Once imported, its public key is exposed but the private key becomes sign-only and can never be revealed again — not even to you.
Use it like a normal agent
Mint an SSH token (it starts with veil_ssh_) and start the Veil SSH agent. It sets
SSH_AUTH_SOCK, so every tool that speaks the SSH agent protocol routes its signatures to Veil:
Nothing about your workflow changes. ssh-add -l lists your keys, git push and ssh just work —
the difference is invisible at the command line and decisive in your threat model.
Every signature is gated and audited
A signature isn’t free. Each one is checked against:
- the use permission on the key’s workspace, and
- the key’s policy — which can require per-sign approval or deny outright.
And every signature is written to the audit log: which key, when, by which token. If a token leaks, revoke it in the app and signing stops instantly — no key rotation, no scrubbing laptops, because the secret was never distributed in the first place.
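To make the two mechanisms above concrete, the following is an added example (not Veil's code) of a sign-only broker: it parses an SSH agent protocol SSH_AGENTC_SIGN_REQUEST the way any ssh or git client would send it over SSH_AUTH_SOCK, checks the token's use permission and the key's policy, writes an audit entry for every decision, and only then signs with ed25519. The `Broker`, `Policy`, `Approve` hook, the `veil_ssh_EXAMPLE` token value and the reason strings are all assumptions; the in-memory map stands in for Veil's encrypted key storage, and the "use" permission on a workspace is reduced to a per-token flag.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"encoding/binary"
	"fmt"
	"time"
)

// SSH agent protocol message numbers (draft-miller-ssh-agent).
const (
	msgFailure      byte = 5
	msgSignRequest  byte = 13
	msgSignResponse byte = 14
)

// putString appends an SSH wire-format string: big-endian uint32 length, then bytes.
func putString(b *bytes.Buffer, s []byte) {
	binary.Write(b, binary.BigEndian, uint32(len(s)))
	b.Write(s)
}

// readString reads one SSH wire-format string; nil means the field was malformed.
func readString(r *bytes.Reader) []byte {
	var n uint32
	if binary.Read(r, binary.BigEndian, &n) != nil || int(n) > r.Len() {
		return nil
	}
	s := make([]byte, n)
	r.Read(s)
	return s
}

// blob encodes an "ssh-ed25519" public key or signature: type string, then raw bytes.
func blob(raw []byte) []byte {
	var b bytes.Buffer
	putString(&b, []byte("ssh-ed25519"))
	putString(&b, raw)
	return b.Bytes()
}

// Policy mirrors the per-key policy: deny outright, or require approval on every sign.
type Policy struct{ Deny, RequireApproval bool }
// brokeredKey lives only inside the broker; no function ever returns priv.
type brokeredKey struct{ name string; priv ed25519.PrivateKey; policy Policy }
// AuditEntry records one decision: which key, when, by which token, and why.
type AuditEntry struct{ Key, Token, Reason string; At time.Time; Allowed bool }

// Broker is a hypothetical in-memory stand-in for the server side (the real service
// keeps keys encrypted at rest and scopes the "use" permission to a workspace).
type Broker struct {
	Keys    map[string]*brokeredKey // keyed by public key blob
	Tokens  map[string]bool         // token -> holds the "use" permission
	Approve func(key string) bool   // per-sign approval hook (assumed); nil fails closed
	Audit   []AuditEntry
}

// Generate creates a key inside the broker; only the public half comes back.
func (b *Broker) Generate(name string, p Policy) ed25519.PublicKey {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	b.Keys[string(blob(pub))] = &brokeredKey{name, priv, p}
	return pub
}

// Handle answers one SSH_AGENTC_SIGN_REQUEST made with the given token; every
// decision is audited and any refusal is the one-byte SSH_AGENT_FAILURE reply.
func (b *Broker) Handle(token string, req []byte) []byte {
	r := bytes.NewReader(req)
	typ, _ := r.ReadByte()
	keyBlob, data := readString(r), readString(r) // a uint32 flags field follows; unused
	k, ok := b.Keys[string(keyBlob)]
	if typ != msgSignRequest || !ok || data == nil {
		return []byte{msgFailure}
	}
	why := "" // empty means the signature may proceed
	switch {
	case !b.Tokens[token]:
		why = "token revoked or lacks use permission"
	case k.policy.Deny:
		why = "key policy denies signing"
	case k.policy.RequireApproval && (b.Approve == nil || !b.Approve(k.name)):
		why = "per-sign approval refused"
	}
	b.Audit = append(b.Audit, AuditEntry{k.name, token, why, time.Now(), why == ""})
	if why != "" {
		return []byte{msgFailure}
	}
	out := bytes.NewBuffer([]byte{msgSignResponse})
	putString(out, blob(ed25519.Sign(k.priv, data)))
	return out.Bytes()
}

// SignRequest builds the client side of the request: key blob, data, flags=0.
func SignRequest(pub ed25519.PublicKey, data []byte) []byte {
	b := bytes.NewBuffer([]byte{msgSignRequest})
	putString(b, blob(pub))
	putString(b, data)
	binary.Write(b, binary.BigEndian, uint32(0))
	return b.Bytes()
}

func main() {
	b := &Broker{Keys: map[string]*brokeredKey{}, Tokens: map[string]bool{"veil_ssh_EXAMPLE": true}}
	req := SignRequest(b.Generate("laptop-key", Policy{}), []byte("constructed auth challenge"))
	b.Handle("veil_ssh_EXAMPLE", req)    // signed
	delete(b.Tokens, "veil_ssh_EXAMPLE") // revoking the leaked token is the whole response
	b.Handle("veil_ssh_EXAMPLE", req)    // refused, but still audited
	fmt.Printf("%+v\n", b.Audit)
}
```

A real agent reads these messages length-prefixed from the SSH_AUTH_SOCK Unix socket and also answers SSH_AGENTC_REQUEST_IDENTITIES (what `ssh-add -l` shows); both are left out here so the decision path stays visible. Two details carry the security point: the private key is reachable only through `Handle`, which signs after the gate and never returns key material, and a key whose policy requires approval fails closed when no approval hook is configured rather than silently signing.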
See the CLI reference for veil ssh-agent flags, and the tokens page for
how SSH tokens are walled off from agent and CI tokens.