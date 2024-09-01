The past year I have been hacking around on tools utilizing TPMs, and one of the features I have been interested to learn more about is the device attestation features.

After being a bit inspired by some ideas from people at work, the hackerspace and toots on mastodon, I figure out a SSH certificate authority would be a cool small project to hack on. Last year I wrote an SSH agent with TPM bound keys so this would nicely fit into the existing tooling.