Hi all,
What's the recommended way to deploy (or re-deploy) security-sensitive objects (just to say one: private ssh key to avoid client warnings when redeploying a server)?

One solution that comes to my mind is to generate a local GPG key and then authorize it for using a pass store (https://www.passwordstore.org/) before running a softupdate. This is not ideal, since there are no secrets available in the initial installation, though, but prevents leaking any sensitive data.

Best,
Max

Antwort per Email an