* [9front] Loading TLS keys from secstore during boot
@ 2023-04-08 18:59 ooga
2023-04-09 14:15 ` [9front] " ooga
0 siblings, 1 reply; 2+ messages in thread
From: ooga @ 2023-04-08 18:59 UTC (permalink / raw)
To: 9front
On an all-in-one plan9 install, auth+fs+cpu, I load the private TLS keys into factotum from cpurc (from disk). All is fine with the https, IMAP and SMTP servers, but I wonder if I can keep the keys in secstore, instead of the /sys/lib/tls/acmed/ directory.
I've created the sectsore for glenda (with the factotum file holding the TLS keys), I've run auth/wrkey again, this time filling the secstore password (of glenda). But, on boot, factotum has only the authentication keys (p9sk1, dp9ik). It is true that auth/secstored is started in my /cfg/$sysname/cpurc, when factotum is already running. So, I think I miss something and more :)
The FQA mentions that I shouldn't fill the secstore password when I run auth/wrkey on an auth server, but I don't see how else can I do it. If I run auth/secstore, it asks the password. I was hopping the kernel will load that from nvram during boot.
Why it doesn't work?
What else can I do?
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2023-04-09 14:17 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2023-04-08 18:59 [9front] Loading TLS keys from secstore during boot ooga
2023-04-09 14:15 ` [9front] " ooga
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).