| ▲ | lmz 2 days ago | |
Once it's networked you lose the "whitelist of systemd services" and it's then no different from any networked secret store. | ||
| ▲ | otabdeveloper4 a day ago | parent [-] | |
No, this is a solved problem: https://spiffe.io/ You can do service attestation securely, even for networked services. | ||