diff --git a/pkg/commands/oscommands/cmd_obj_runner.go b/pkg/commands/oscommands/cmd_obj_runner.go
index 41fedcfbc..ba374eedc 100644
--- a/pkg/commands/oscommands/cmd_obj_runner.go
+++ b/pkg/commands/oscommands/cmd_obj_runner.go
@@ -376,8 +376,11 @@ func (self *cmdObjRunner) getCheckForCredentialRequestFunc() func([]byte) (Crede
 		`Password\s*for\s*'.+':`:                 Password,
 		`Username\s*for\s*'.+':`:                 Username,
 		`Enter\s*passphrase\s*for\s*key\s*'.+':`: Passphrase,
-		`Enter\s*PIN\s*for\s*.+\s*key\s*.+:`:     PIN,
-		`.*2FA Token.*`:                          Token,
+		// With a tpm, ssh prompts:
+		// Enter PIN for '%s':
+		// https://github.com/openssh/libopenssh/blob/05dfdd5f54d9a1bae5544141a7ee65baa3313ecd/ssh/ssh-pkcs11.c#L251
+		`Enter\s*PIN\s*for\s*.+\s*(key\s*.+|'.+'):`: PIN,
+		`.*2FA Token.*`: Token,
 	}
 
 	compiledPrompts := map[*regexp.Regexp]CredentialType{}
diff --git a/pkg/commands/oscommands/cmd_obj_runner_test.go b/pkg/commands/oscommands/cmd_obj_runner_test.go
index c906cea3f..9bb72b043 100644
--- a/pkg/commands/oscommands/cmd_obj_runner_test.go
+++ b/pkg/commands/oscommands/cmd_obj_runner_test.go
@@ -94,6 +94,12 @@ func TestProcessOutput(t *testing.T) {
 			output:                  "Enter PIN for key '123':",
 			expectedToWrite:         "pin",
 		},
+		{
+			name:                    "tpm pin prompt",
+			promptUserForCredential: defaultPromptUserForCredential,
+			output:                  "Enter PIN for 'label':", // https://github.com/tpm2-software/tpm2-pkcs11/blob/d7fd660dd3ad2b8382afc57a768872032bd71d64/docs/SSH.md?plain=1#L86S
+			expectedToWrite:         "pin",
+		},
 		{
 			name:                    "2FA token prompt",
 			promptUserForCredential: defaultPromptUserForCredential,