Perfect. Thanks for the quick response Honza. Cheers Nikhil
On Fri, Mar 11, 2016 at 4:10 PM, Jan Friesse <jfrie...@redhat.com> wrote: > Nikhil, > > Nikhil Utane napsal(a): > >> Hi, >> >> I changed some configuration and captured packets. I can see that the data >> is already garbled and not in the clear. >> So does corosync already have this built-in? >> Can somebody provide more details as to what all security features are >> incorporated? >> > > See man page corosync.conf(5) options crypto_hash, crypto_cipher (for > corosync 2.x) and potentially secauth (for coorsync 1.x and 2.x). > > Basically corosync by default uses aes256 for encryption and sha1 for hmac > authentication. > > Pacemaker uses corosync cpg API so as long as encryption is enabled in the > corosync.conf, messages interchanged between nodes are encrypted. > > Regards, > Honza > > >> -Thanks >> Nikhil >> >> On Fri, Mar 11, 2016 at 11:38 AM, Nikhil Utane < >> nikhil.subscri...@gmail.com> >> wrote: >> >> Hi, >>> >>> Does corosync provide mechanism to secure the communication path between >>> nodes of a cluster? >>> I would like all the data that gets exchanged between all nodes to be >>> encrypted. >>> >>> A quick google threw up this link: >>> https://github.com/corosync/corosync/blob/master/SECURITY >>> >>> Can I make use of it with pacemaker? >>> >>> -Thanks >>> Nikhil >>> >>> >>> >> >> >> _______________________________________________ >> Users mailing list: Users@clusterlabs.org >> http://clusterlabs.org/mailman/listinfo/users >> >> Project Home: http://www.clusterlabs.org >> Getting started: http://www.clusterlabs.org/doc/Cluster_from_Scratch.pdf >> Bugs: http://bugs.clusterlabs.org >> >> > > _______________________________________________ > Users mailing list: Users@clusterlabs.org > http://clusterlabs.org/mailman/listinfo/users > > Project Home: http://www.clusterlabs.org > Getting started: http://www.clusterlabs.org/doc/Cluster_from_Scratch.pdf > Bugs: http://bugs.clusterlabs.org >
_______________________________________________ Users mailing list: Users@clusterlabs.org http://clusterlabs.org/mailman/listinfo/users Project Home: http://www.clusterlabs.org Getting started: http://www.clusterlabs.org/doc/Cluster_from_Scratch.pdf Bugs: http://bugs.clusterlabs.org