Secure deploy of keys

[Maximilian Stein]

Hi all,
> What's the recommended way to deploy (or re-deploy) security-sensitive 
> objects (just to say one: private ssh key to avoid client warnings 
> when redeploying a server)?
>
One solution that comes to my mind is to generate a local GPG key and 
then authorize it for using a pass store 
(https://www.passwordstore.org/) before running a softupdate. This is 
not ideal, since there are no secrets available in the initial 
installation, though, but prevents leaking any sensitive data.

Best,
Max