Hello, I would be very interested if you find any solutions. By design, the FAI config space has to be somewhere where it is accessible without access control (anonymous NFS or whatever), and everything within it obviously has to be readable.
I guess you will need to find other solutions. As for the SSH keys, I am currently trying to publish SSH keys in DNS so clients can verify them. Haven't tested yet what happens when the client already has a (different) key in its known_hosts file, though. Bye, Andreas Am 13.12.22 um 14:47 schrieb Diego Zuccato: > Hello all. > > What's the recommended way to deploy (or re-deploy) security-sensitive > objects (just to say one: private ssh key to avoid client warnings when > redeploying a server)? > > TIA
