Re: Multisite sync: is metadata transferred in plain text?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



> We have a multisite Ceph configuration, with http (not https) sync endpoints. Are all sync traffic in plain text?

For S3 v4 auth, there are things that "obfuscates" the login auth, but
might not be called real crypto in that sense, so if you decide to
send things in the clear, expect it to be sent in the clear, even if
it is made "hard to read".

> We have concerns about metadata. For example, when syncing a newly created user and its access key and secret key from the Master zone to a secondary zone, is this traffic in plain text? If so, what are options to encrypt it?

Then either choose https or wrap your traffic in any of the VPN
solutions from the last 30 years or so.
If the endpoints can't be changed to https for some reason, then
secure all the traffic just like with any other communication
protocol.

-- 
May the most significant bit of your life be positive.
_______________________________________________
ceph-users mailing list -- ceph-users@xxxxxxx
To unsubscribe send an email to ceph-users-leave@xxxxxxx



[Index of Archives]     [Information on CEPH]     [Linux Filesystem Development]     [Ceph Development]     [Ceph Large]     [Ceph Dev]     [Linux USB Development]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]     [xfs]


  Powered by Linux