Secretive is a fully native Mac app that lets you protect and manage SSH keys with your Mac's Secure Enclave.
Most SSH agents store your keys as files on disk. Malware can steal these files. Secretive creates keys that can't be exported, and gives you strong access control for their use.
Secretive is fully open source, has a strictly auditable build process, and has no external dependencies.
Secretive looks right at home in MacOS Tahoe, with a fresh Liquid-Glass inspired facelift.
You're no longer limited to ECDSA-256 keys. On macOS Tahoe and later, you can create post-quantum MLDSA-65 and MLDSA-87 keys.
Secretive takes advantage of new application-hardening features in macOS Tahoe.
All request parsing and network activity now happens out of process.
Set a custom per-key attribution for your public keys.
Show your public key on disk with a single click.
Secretive now uses Swift 6's concurrency checking to run more reliably and safely.
The agent status view now shows you you information about SecretAgent, like as the socket path.
A new Integrations window helps you configure your apps to talk with Secretive.
