Restricting deferred node password validation to only requests from the local node is not possible without breaking split-role cluster cold start. There are too many cases where node password secrets may not yet be available due to the apiserver not being up.
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>