yeah, you really have to protect the pre-auth key, not much way around it. We could look at adding a config option such that the pre-auth is only allowed from a set set of IPs, but if someone can break into the machine holding the pre-auth key, you probably have bigger things to worry about
