Shared key does not work on server-colocated client

Currently shared-key code does not allow to enable shared key for a client colocated on one of the servers.
The proper bits are just never set and such clients are always accepted in the clear.
I tried a client colocated on MDS and on OST and they both don't work. Client that's all by itself works as expected.

Obviously single-node configuration does not work either.

It's desirable to allow server-colocated clients to also be protected with the shared key for a variety reasons, I imagine, including possibility of rogue servers, servers that don't have a protected link to the rest of the network and so on.