Secretive

Secretive is a macOS app that generates and stores SSH keys inside the Secure Enclave, keeping private keys non-exportable and bound to your hardware. It runs an ssh-agent compatible service, so existing tools can use the keys without any changes to your workflows. Because the keys never leave the Secure Enclave, even root on the host cannot read them, which raises the bar against credential theft. A simple menu-bar interface lets you create, label, and manage keys, prompt for authorization, and control which processes may request signatures. The design favors least privilege and auditability: you explicitly approve usage and can revoke access without having to hunt for files on disk. For developers, admins, and security-conscious users, Secretive provides a clean way to upgrade SSH hygiene with hardware-backed protection and minimal friction.

Features

SSH private keys are stored in Secure Enclave so they cannot be exported
Access to keys can be gated via Touch ID or Apple Watch (strong user authentication)
Notifications whenever keys are accessed so user is aware of use
Support for Smart Cards (for machines without Secure Enclave) as signing mechanism
Auditable build process; releases are produced via GitHub Actions with attestation of artifacts starting with version 3.0
Localization support (multiple languages)

Project Samples

Project Activity

See All Activity >

License

MIT License

Follow Secretive

Secretive Web Site

User Reviews

Be the first to post a review of Secretive!

Additional Project Details

Operating Systems

Mac

Programming Language

Swift

Related Categories

Swift Security Software

Registered

2025-09-22

Similar Business Software

Gradient Cybersecurity Mesh

Gradient Cybersecurity Mesh stitches together hardware-based roots of trust with nation-state hardened software to eliminate the threat of credential-based cyberattacks and creates a frictionless user experience without requiring any changes to your existing infrastructure. By anchoring...

See Software
ByteHide

ByteHide is an all-in-one, developer-first application security platform designed to protect code, secrets, data, and runtime environments, while minimizing your dependencies and risk. It integrates seamlessly with your development workflows and communication tools, delivering key security...

See Software
Venn

Venn is the leader in BYOD Security. Venn’s Blue Border™ is patented technology that protects company data and applications on BYOD computers used by contractors and remote employees - without VDI. With Venn, work lives in a company-controlled Secure Enclave (installed on the user’s PC or...

See Software
TruffleHog

TruffleHog runs behind the scenes to scan your environment for secrets like private keys and credentials, so you can protect your data before a breach occurs. Secrets can be found anywhere, so TruffleHog scans more than just code repositories, including SaaS and internally hosted software. With...

See Software
Unbound CORE Identity Security

Authenticate users and machines and protect PKI – seamlessly across all locations and devices. Create virtual enclaves for mobile and for desktop with maximum security and without sacrificing the user experience. Authenticate user access and identify simply and securely with CORE virtual secure...

See Software
Yandex Lockbox

Create secrets in the management console or using the API. Your secrets are safely stored in one place, easily integrated with your cloud services, and accessible via external systems over the gRPC or REST API. Encrypt your secrets using Yandex Key Management Service keys. Secrets are only...

See Software

Report inappropriate content

Secretive

Protect your SSH keys with your Mac's Secure Enclave

Get an email when there's a new version of Secretive

Features

Project Samples

Project Activity

Categories

License

Follow Secretive

User Reviews

Additional Project Details

Operating Systems

Programming Language

Related Categories

Registered