[ClusterLabs] Few questions regarding corosync authkey
Jan Friesse
jfriesse at redhat.com
Mon Jun 6 07:01:25 UTC 2016
> Hi,
>
> Would like to understand how secure is the corosync authkey.
> As the authkey is a binary file, how is the private key saved inside the
> authkey?
Corosync uses symmetric encryption, so there is no public certificate.
authkey = private key
> What safeguard mechanisms are in place if the private key is compromised?
No safeguard mechanisms. Compromised authkey = problem.
> For e.g I don't think it uses any temporary session key which refreshes
> periodically.
Exactly
> Is it possible to dynamically update the key without causing any outage?
Nope
Regards,
Honza
>
> -Thanks
> Nikhil
>
>
>
> _______________________________________________
> Users mailing list: Users at clusterlabs.org
> http://clusterlabs.org/mailman/listinfo/users
>
> Project Home: http://www.clusterlabs.org
> Getting started: http://www.clusterlabs.org/doc/Cluster_from_Scratch.pdf
> Bugs: http://bugs.clusterlabs.org
>
More information about the Users
mailing list