On 21/02/20 09:19 +0100, Mark Patruck wrote: > On 2020-02-19 22:17, William Leuschner wrote: > > Hello porters, > > > > I'm trying to set up Zabbix with pre-shared keys so that: > > * connections are encrypted, and > > * the agent will reject connections from anyone without the key. > > The configuration that should work currently fails with a library error. > > > > According to this note from 2017[1], PSK support was removed from > > LibreSSL, and the best choice would be building against gnutls. Has > > anything changed since then, or is gnutls still the best option? If > > gnutls is the best bet, would a gnutls flavor be welcome? > > Though i'm using zabbix mostly in larger setups where only > certificates make sense (handling, security), i see the > advantage of having PSK support when only few monitored > systems are involved (or for testing purposes). >
I concur. I don't see the point in using PSK, nor switching the port to use gnutls. Sorry.
