On Fri, Jan 11, 2019 at 11:24 AM Sergio A. de Carvalho Jr. <
scarvalh...@gmail.com> wrote:
> Thanks for the answers, guys!
>
> Am I right to assume msgr2 (http://docs.ceph.com/docs/mimic/dev/msgr2/)
> will provide encryption between Ceph daemons as well as between clients and
> daemons?
>
> Does a
Thanks for the answers, guys!
Am I right to assume msgr2 (http://docs.ceph.com/docs/mimic/dev/msgr2/)
will provide encryption between Ceph daemons as well as between clients and
daemons?
Does anybody know if it will be available in Nautilus?
On Fri, Jan 11, 2019 at 8:10 AM Tobias Florek wrote:
Hi,
as others pointed out, traffic in ceph is unencrypted (internal traffic
as well as client traffic). I usually advise to set up IPSec or
nowadays wireguard connections between all hosts. That takes care of
any traffic going over the wire, including ceph.
Cheers,
Tobias Florek
signature.as
dhat.com/berrange/kvm-forum-2016/kvm-forum-2016-security.pdf
- Mail original -
De: "Sergio A. de Carvalho Jr."
À: "ceph-users"
Envoyé: Jeudi 10 Janvier 2019 19:59:06
Objet: [ceph-users] Encryption questions
Hi everyone, I have some questions about encryption in C
Hi,
AFAIK, there is no encryption on the wire, either between daemons or
between a daemon and a client
The only encryption available on Ceph is at rest, using dmcrypt (aka
your data are encrypted before being written on disk)
Regards,
On 01/10/2019 07:59 PM, Sergio A. de Carvalho Jr. wrote:
> Hi
Hi everyone, I have some questions about encryption in Ceph.
1) Are RBD connections encrypted or is there an option to use encryption
between clients and Ceph? From reading the documentation, I have the
impression that the only option to guarantee encryption in transit is to
force clients to encry
