🍺 BREW Explorer

← all casks

Secretive

brew install --cask secretive v3.0.4

Store and manage SSH keys in your Mac's Secure Enclave with Touch ID authentication.

Why you might care

Protects SSH keys from being exported by malware or theft since they're locked in the Secure Enclave by design. Requires Touch ID or Apple Watch to access keys, and notifies you whenever they're used. Open-source and purpose-built for Mac.

Categories

security dev-tools

Alternatives

1Password Keychain Access ssh-agent
614
30-day installs · #408
1.5k
90-day · #482
4.5k
365-day · #544
8.6k
★ GitHub stars · updated today

GitHub topics

mac secure-enclave security ssh

Links

Blurb generated by claude-haiku-4-5 on today.

Raw metadata 
{
  "alternatives": [
    "1Password",
    "Keychain Access",
    "ssh-agent"
  ],
  "artifacts": [
    {
      "app": [
        "Secretive.app"
      ],
      "target": "/Applications/Secretive.app"
    },
    {
      "zap": [
        {
          "trash": [
            "~/Library/Application Scripts/com.maxgoedjen.Secretive.Host",
            "~/Library/Application Scripts/com.maxgoedjen.Secretive.SecretAgent",
            "~/Library/Containers/com.maxgoedjen.Secretive.*"
          ]
        }
      ]
    }
  ],
  "auto_updates": null,
  "categories": [
    "security",
    "dev-tools"
  ],
  "deprecated": 0,
  "deprecation_reason": null,
  "desc": "Store SSH keys in the Secure Enclave",
  "disable_reason": null,
  "disabled": 0,
  "display_name": "Secretive",
  "enrichment_fetched_at": "2026-06-20T22:49:17+00:00",
  "first_seen": "2026-06-20T00:47:34+00:00",
  "full_token": "secretive",
  "github_default_branch": "main",
  "github_last_commit_at": "2026-06-20T06:28:17Z",
  "github_readme_excerpt": "# Secretive [![Test](https://github.com/maxgoedjen/secretive/actions/workflows/test.yml/badge.svg?branch=main)](https://github.com/maxgoedjen/secretive/actions/workflows/test.yml) ![Release](https://github.com/maxgoedjen/secretive/workflows/Release/badge.svg)\n\n\nSecretive is an app for protecting and managing SSH keys with the Secure Enclave.\n\u003cpicture\u003e\n  \u003csource media=\"(prefers-color-scheme: dark)\" srcset=\"/.github/readme/app-dark.png\"\u003e\n  \u003csource media=\"(prefers-color-scheme: light)\" srcset=\"/.github/readme/app-light.png\"\u003e\n  \u003cimg src=\"/.github/readme/app-dark.png\" alt=\"Screenshot of Secretive\" width=\"600\"\u003e\n\u003c/picture\u003e\n\n\n## Why?\n\n### Safer Storage\n\nThe most common setup for SSH keys is just keeping them on disk, guarded by proper permissions. This is fine in most cases, but it\u0027s not super hard for malicious users or malware to copy your private key. If you protect your keys with the Secure Enclave, it\u0027s impossible to export them, by design.\n\n### Access Control\n\nIf your Mac has a Secure Enclave, it also has support for strong access controls like Touch ID, or authentication with Apple Watch. You can configure your keys so that they require Touch ID (or Watch) authentication before they\u0027re accessed.\n\n\u003cimg src=\"/.github/readme/touchid.png\" alt=\"Screenshot of Secretive authenticating with Touch ID\" width=\"400\"\u003e\n\n### Notifications\n\nSecretive also notifies you whenever your keys are accessed, so you\u0027re never caught off guard.\n\n\u003cimg src=\"/.github/readme/notification.png\" alt=\"Screenshot of Secretive notifying the user\" width=\"600\"\u003e\n\n### Support for Smart Cards Too!\n\nFor Macs without Secure Enclaves, you can configure a Smart Card (such as a YubiKey) and use it for signing as well.\n\n## Getting Started\n\n### Installation\n\n#### Direct Download\n\nYou can download the latest release over on the [Releases Page](https://github.com/maxgoedjen/secretive/releases)\n\n#### Using Homebrew\n\n    brew install secretive\n\n### FAQ\n\nThere\u0027s a [FAQ here](FAQ.md).\n\n### Auditable Build Process\n\nBuilds",
  "github_repo": "maxgoedjen/secretive",
  "github_stars": 8621,
  "github_topics": [
    "mac",
    "secure-enclave",
    "security",
    "ssh"
  ],
  "homepage": "https://github.com/maxgoedjen/secretive",
  "homepage_og_description": null,
  "homepage_og_image": null,
  "homepage_title": null,
  "installs_30d": 614,
  "installs_365d": 4473,
  "installs_90d": 1504,
  "last_seen": "2026-06-20T00:47:34+00:00",
  "llm_generated_at": "2026-06-20T23:04:06+00:00",
  "llm_model": "claude-haiku-4-5",
  "names": [
    "Secretive"
  ],
  "one_liner": "Store and manage SSH keys in your Mac\u0027s Secure Enclave with Touch ID authentication.",
  "rank_30d": 408,
  "rank_365d": 544,
  "rank_90d": 482,
  "raw_hash": "ce83e69c50c806ed",
  "ruby_source_path": "Casks/s/secretive.rb",
  "tap": "homebrew/cask",
  "token": "secretive",
  "version": "3.0.4",
  "why_use_this": "Protects SSH keys from being exported by malware or theft since they\u0027re locked in the Secure Enclave by design. Requires Touch ID or Apple Watch to access keys, and notifies you whenever they\u0027re used. Open-source and purpose-built for Mac."
}