On 22.06.2022 02:27, Antony Stone wrote: > On Friday 17 June 2022 at 11:39:14, Mario Freytag wrote: > >> I’d like to ask about the security of corosync. We’re using a Proxmox HA >> setup in our testing environment and need to confirm it’s compliance with >> PCI guidelines. >> >> We have a few questions: >> >> Is the communication encrypted? >> What method of encryption is used? >> What method of authentication is used? >> What is the recommended way of separation for the corosync network? VLAN? > > Your first three questions are probably well-answered by > https://github.com/fghaas/corosync/blob/master/SECURITY >
This is thirteen years old file which is not present in the current corosync sources. I hesitate to use it as the answer to anything *today*. If it is still relevant, why it was removed? > For the fourth, I agree with Jan Friesse - a dedicated physical network is > best; a dedicated VLAN is second best. > > > Antony. > _______________________________________________ Manage your subscription: https://lists.clusterlabs.org/mailman/listinfo/users ClusterLabs home: https://www.clusterlabs.org/