[ClusterLabs] Question regarding the security of corosync
Jan Friesse
jfriesse at redhat.com
Tue Jun 21 11:08:44 EDT 2022
Hi Mario,
On 17/06/2022 11:39, Mario Freytag wrote:
> Dear sirs, or madams,
>
> I’d like to ask about the security of corosync. We’re using a Proxmox HA setup in our testing environment and need to confirm it’s compliance with PCI guidelines.
>
> We have a few questions:
>
> Is the communication encrypted?
Depends on configuration, but (I think) default for proxmox is to set
secauth: on, so yes, communication is encrypted.
> What method of encryption is used?
aes256
> What method of authentication is used?
sha256
> What is the recommended way of separation for the corosync network? VLAN?
separate network card is always best. Vlan is probably second best.
Regards,
Honza
>
> Best regards
>
> Mario Freytag
> Systemadministrator | WEBINC GmbH & Co. KG
>
> Unter den Eichen 5 Geb. F | 65195 Wiesbaden | T +49 611 541075 0
> Amtsgericht Wiesbaden | HRA 9610 | Geschäftsführung: Marina Maurer, Monika Brandes
>
>
> _______________________________________________
> Manage your subscription:
> https://lists.clusterlabs.org/mailman/listinfo/users
>
> ClusterLabs home: https://www.clusterlabs.org/
>
More information about the Users
mailing list