On 26/03/2023 12:42, S Sathish S wrote:
Hi Jan,
Hi,
In Corosync which all scenario it send cpg message and what is impact if we are
not secure communication.
It really depends of what services are used, but generally speaking
corosync without cpg is not super useful so I guess cpg is probably used...
1. Any outsider attacker can manipulate the system using unencrypted
communication.
yes
2. Corosync used for heartbeat communication in that we don't have any sensitive data really need to secure ? if not then any other sensitive data transferred via corosync
communication.
Not sure I understand question - but in general modifying corosync
messages can lead to huge problems. If attacker can really change
messages it's super easy to change membership, make it unstable, ...
it's not really just about changing content of cpg data.
What is the point to turn off encryption?
Regards,
Honza
Thanks and Regards,
S Sathish S
_______________________________________________
Manage your subscription:
https://lists.clusterlabs.org/mailman/listinfo/users
ClusterLabs home: https://www.clusterlabs.org/