On 16/05/2025 8:16, Christoph Hellwig wrote:
On Thu, May 15, 2025 at 08:31:23AM -0400, Chuck Lever wrote:
Note that for now the .nfs keyring still needs to be added to
tlshd.conf, but that should go away with the handshake enhacement
from Hannes.
Just curious: Is there a downside to shipping a default /etc/tlshd.conf
with the NVMe and NFS keyrings already added?
That's probably a good idea for the current situation, but doesn't
resolve solve the overall problem of having to add every new service
there.
IIRC Hannes told me that latest tlshd already does this for .nvme keyring
