|
|
|
|
|
|
by 0x44
4076 days ago
|
|
|
You could leverage the TPM and some version of remote attestation and only permit key-requests from attested machines. Alternatively (or concurrently), you could PXE boot all devices with a parameterized shared-secret individualized for each node. |
|
|