Re: [EXTERNAL] Multisite sync: is metadata transferred in plain text?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Thank you Alex. I was hoping session key might be used to encrypt meta data.

Thanks,
Mary

On Mon, Sep 23, 2024, 1:24 AM Alex Hussein-Kershaw (HE/HIM) <
alexhus@xxxxxxxxxxxxx> wrote:

> Feels like you answered your own question here - why not just use HTTPS
> for your multisite sync?
>
> I'm not aware of any other encryption mechanisms for metadata (I guess
> using SSE encryption for your data may save that going over in plain text)
> and would assume that just using HTTP would indeed be a security risk.
>
> ------------------------------
> *From:* maryzhang0920@xxxxxxxxx <maryzhang0920@xxxxxxxxx>
> *Sent:* Thursday, September 19, 2024 6:01 AM
> *To:* ceph-users@xxxxxxx <ceph-users@xxxxxxx>
> *Subject:* [EXTERNAL]  Multisite sync: is metadata
> transferred in plain text?
>
> Hi,
>
> We have a multisite Ceph configuration, with http (not https) sync
> endpoints. Are all sync traffic in plain text?
> We have concerns about metadata. For example, when syncing a newly created
> user and its access key and secret key from the Master zone to a secondary
> zone, is this traffic in plain text? If so, what are options to encrypt it?
>
> Thank you,
> Mary
> _______________________________________________
> ceph-users mailing list -- ceph-users@xxxxxxx
> To unsubscribe send an email to ceph-users-leave@xxxxxxx
>
_______________________________________________
ceph-users mailing list -- ceph-users@xxxxxxx
To unsubscribe send an email to ceph-users-leave@xxxxxxx



[Index of Archives]     [Information on CEPH]     [Linux Filesystem Development]     [Ceph Development]     [Ceph Large]     [Ceph Dev]     [Linux USB Development]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]     [xfs]


  Powered by Linux