It looks to me like a way to declaratively install your ssh keys which from what I’m reading sops doesn’t appear to do
Am I wrong in taking the conclusion SOPS stores that stuff encrypted at rest, and the only way to use them is either through the SOPS cli, or through whatever tool that wants the secrets implementing their library?
What does this do vs just using SOPS?
It looks to me like a way to declaratively install your ssh keys which from what I’m reading sops doesn’t appear to do
Am I wrong in taking the conclusion SOPS stores that stuff encrypted at rest, and the only way to use them is either through the SOPS cli, or through whatever tool that wants the secrets implementing their library?
Sops-nix decrypts secrets at runtime and allows you to create symlinks to the secret files (/run/secret.d…) so this could be used for ssh keys AFAIK.
Ah right didn’t realise there was a nix version of it, will have a look