[ClusterLabs] Few questions regarding corosync authkey

Jan Friesse jfriesse at redhat.com
Mon Jun 6 03:01:25 EDT 2016

> Hi,
> Would like to understand how secure is the corosync authkey.
> As the authkey is a binary file, how is the private key saved inside the
> authkey?

Corosync uses symmetric encryption, so there is no public certificate. 
authkey = private key

> What safeguard mechanisms are in place if the private key is compromised?

No safeguard mechanisms. Compromised authkey = problem.

> For e.g I don't think it uses any temporary session key which refreshes
> periodically.


> Is it possible to dynamically update the key without causing any outage?



> -Thanks
> Nikhil
> _______________________________________________
> Users mailing list: Users at clusterlabs.org
> http://clusterlabs.org/mailman/listinfo/users
> Project Home: http://www.clusterlabs.org
> Getting started: http://www.clusterlabs.org/doc/Cluster_from_Scratch.pdf
> Bugs: http://bugs.clusterlabs.org

More information about the Users mailing list