PSK requires Stunnel version 5.09 or higher. For an example of setting up authentication using PSK, see https://www.stunnel.org/auth.html. Note that the minimum PSK key length is 20 chars. Use the following steps to enable PSK for Agents.
Change PSK key file owner and group to ‘uptimeagent’, for example:
chown uptimeagent /opt/uptime-agent/conf/psk.txt chgrp uptimeagent /opt/uptime-agent/conf/psk.txt
The following is an example of Stunnel configuration for the PSK support:
exec = /opt/uptime-agent/bin/uptimeagent options = NO_SSLv2 options = NO_SSLv3 options = NO_TLSv1 options = NO_TLSv1.1 ciphers=PSK PSKsecrets=/opt/uptime-agent/conf/psk.txt PSKidentity=test1 Content of /opt/uptime-agent/conf/psk.txt: test1:qqtest11qqtest11qqtest11
- When adding Agents to the Monitoring Station, be sure to select Use TLS-PSK or other corresponding option in the Global Credentials Settings page.