[Feature Request] Compliance Setting: "The OS must enforce authorized access to the corresponding private key for PKI-based authentication"

[ferricoxide]

Is your feature request related to a problem? Please describe.

STIG scans calling out RHEL-09-611190/OL09-00-000905/ALMA-09-038850

Describe the solution you'd like

Per the STIG guidance:

Create a new private and public key pair that uses a passcode, as the correct user, with the following command:

$ ssh-keygen -n [passphrase]

Describe alternatives you've considered

Additional context

Couple of issues:

1. It should be rare that users are creating SSH keys on EL9-based hosts
2. This is more a "lifecycle" task than a "run at birth" type of task

As such, this will probably want a FAQ entry in the Wachmaker documentation

[ferricoxide]

Closing this issue in favor of the documentation-issue in the watchmaker project (see: plus3it/watchmaker#3578).