[ClusterLabs] Antw: Re: Few questions regarding corosync authkey

Ulrich Windl Ulrich.Windl at rz.uni-regensburg.de
Thu Jun 23 08:20:51 UTC 2016 

>>> Jan Friesse <jfriesse at redhat.com> schrieb am 06.06.2016 um 09:01 in Nachricht
<57551FC5.9000707 at redhat.com>:
>>  Hi,
>>
>> Would like to understand how secure is the corosync authkey.
>> As the authkey is a binary file, how is the private key saved inside the
>> authkey?
> 
> Corosync uses symmetric encryption, so there is no public certificate. 
> authkey = private key
> 
>> What safeguard mechanisms are in place if the private key is compromised?

I don't know the details, but I'm assuming the key is stored as a simple binary stream in the file.
Easy things against random (not intentional) corruption would be:
1) Add the key length at the start
2) Store the key twice, like <length> <first_copy> <second_copy>, maybe using the 1-complement for the second copy.
3) Alternatively, also provide some checksum at the start or end of the key, maybe like: <length> <key> [<checksum type>] <checksum>

So the user of the key would at least verify the integrity at start and probably complain loud if it seems corrupted, or re-read and check the key occasionally. Re-reading the key would be a first step for allowing to upgrade the key.

I guess a node using a different key will be fenced as not responding very soon; right?

(Sorry for the late reply, I was busy doing nothing the last two weeks ;-) Now trying to read a few thousand messages...

Regards,
Ulrich

> 
> No safeguard mechanisms. Compromised authkey = problem.
> 
>> For e.g I don't think it uses any temporary session key which refreshes
>> periodically.
> 
> Exactly
> 
>> Is it possible to dynamically update the key without causing any outage?
> 
> Nope
> 
> Regards,
>    Honza
> 
>>
>> -Thanks
>> Nikhil
>>
>>
>>
>> _______________________________________________
>> Users mailing list: Users at clusterlabs.org 
>> http://clusterlabs.org/mailman/listinfo/users 
>>
>> Project Home: http://www.clusterlabs.org 
>> Getting started: http://www.clusterlabs.org/doc/Cluster_from_Scratch.pdf 
>> Bugs: http://bugs.clusterlabs.org 
>>
> 
> 
> _______________________________________________
> Users mailing list: Users at clusterlabs.org 
> http://clusterlabs.org/mailman/listinfo/users 
> 
> Project Home: http://www.clusterlabs.org 
> Getting started: http://www.clusterlabs.org/doc/Cluster_from_Scratch.pdf 
> Bugs: http://bugs.clusterlabs.org

More information about the Users mailing list