Does it really matter that the install client uses ssh to save log files, and that ssh is used to access the install client from the server?
Since the client mounts the filesystem containing its secret keys with nfs, the secret host key and user key pass in the clear from server to client when the client opens them to make a connection. That compromises the security, right? There would need to be away to encrypt the NFS mount. Is this possible? Or maybe use a bootfloppy and modify the script to generate keys for every floppy, and symlink this so the client does not open the secret keys through a cleartext connection. --mark--
