Comparison of secret managing schemes: Difference between revisions
imported>Ryantm No edit summary |
imported>Ryantm No edit summary |
||
| Line 58: | Line 58: | ||
| ''N/A'' the user has to run {{ic|nixops | | ''N/A'' the user has to run {{ic|nixops | ||
send-keys}} to create these files after a reboot (not required after every reboot if `destDir` is persistent storage) | send-keys}} to create these files after a reboot (not required after every reboot if `destDir` is persistent storage) | ||
| unencrypted in {{ic|/run/keys/...}} | | unencrypted in {{ic|/run/keys/...} or `destDir`} | ||
| yes | | yes | ||
| "out of band", secret management happens outside of {{ic|nixos-rebuild}} | | "out of band", secret management happens outside of {{ic|nixos-rebuild}} | ||