Re: Encryption questions

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi,

AFAIK, there is no encryption on the wire, either between daemons or
between a daemon and a client
The only encryption available on Ceph is at rest, using dmcrypt (aka
your data are encrypted before being written on disk)

Regards,

On 01/10/2019 07:59 PM, Sergio A. de Carvalho Jr. wrote:
> Hi everyone, I have some questions about encryption in Ceph.
> 
> 1) Are RBD connections encrypted or is there an option to use encryption
> between clients and Ceph? From reading the documentation, I have the
> impression that the only option to guarantee encryption in transit is to
> force clients to encrypt volumes via dmcrypt. Is there another option? I
> know I could encrypt the OSDs but that's not going to solve the problem of
> encryption in transit.
> 
> 2) I'm also struggling to understand if communication between Ceph daemons
> (monitors and OSDs) are encrypted or not. I came across a few references
> about msgr2 but I couldn't tell if it is already implemented. Can anyone
> confirm this?
> 
> I'm currently starting a new project using Ceph Mimic but if there's
> something new in this space expected for Nautilus, it would be good to know
> as well.
> 
> Regards,
> 
> Sergio
> 
> 
> 
> _______________________________________________
> ceph-users mailing list
> ceph-users@xxxxxxxxxxxxxx
> http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
> 

_______________________________________________
ceph-users mailing list
ceph-users@xxxxxxxxxxxxxx
http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com



[Index of Archives]     [Information on CEPH]     [Linux Filesystem Development]     [Ceph Development]     [Ceph Large]     [Ceph Dev]     [Linux USB Development]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]     [xfs]


  Powered by Linux