I will try to go more in-depth in later posts, but many users, especially in a k8s context probably have a socket activated sshd listener on vsock, that may pose a serious risk and possibly violate your security assumptions.