I recommend using v3 onions (keeping the addresses secret to prevent unauthorized probing of SSH server). Also connecting to it from trsted VMs. This would take care of the need to protect the token from malicious access while being straightforward.
2 Likes