On Tue, Jul 03, 2018 at 09:03:03AM +0100, Richard W.M. Jones wrote:
> Pre-Shared Keys (PSK) is a simpler mechanism for enabling TLS
> connections than using certificates. It requires only a simple secret
> key:
>
> $ mkdir -m 0700 /tmp/keys
> $ psktool -u rjones -p /tmp/keys/keys.psk
> $ ca
Pre-Shared Keys (PSK) is a simpler mechanism for enabling TLS
connections than using certificates. It requires only a simple secret
key:
$ mkdir -m 0700 /tmp/keys
$ psktool -u rjones -p /tmp/keys/keys.psk
$ cat /tmp/keys/keys.psk
rjones:d543770c15ad93d76443fb56f501a31969235f47e999720ae8d2
v5 was here:
https://lists.gnu.org/archive/html/qemu-devel/2018-06/msg08491.html
https://lists.gnu.org/archive/html/qemu-devel/2018-07/msg00077.html
v6:
- Make ECDHE-PSK dependent on GnuTLS >= 3.
- Retested against nbdkit.
- Retested with internal unit tests.
Rich.