[Gluster-users] GlusterFS Security Stunnel or alternative?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Mon, 26 Oct 2009 10:05:52 +0100, Tomasz Chmielewski <mangoo at wpkg.org>
wrote:
> Jeffery Soo wrote:
>> I'm using glusterfs 2.07 and I'm trying to secure it.  I'm using it on a

>> switch that is connected to the internet.
>> I've tried using stunnel but it uses like 90% of CPU on both client and 
>> server.  It also reduces throughput by 3-4x.
>> 
>> Is there any better way or translator that will be available soon to 
>> secure and encrypt the connection, or is glusterfs really meant to be 
>> used only on a private internal switch?
> 
> I don't think there is any usable translator for that.
> 
> You can try running it over an IPsec or OpenVPN tunnel.
> 
> If you run glusterfs over internet, you might also consider enabling 
> compression in the VPN tunnel; this could technically increase your 
> throughput.

http://gluster.com/community/documentation/index.php/Translators/encryption/rot-13

ROT-13 is a toy translator that can "encrypt" and "decrypt" file contents
using the ROT-13 algorithm. ROT-13 is a trivial algorithm that rotates each
alphabet by thirteen places. Thus, 'A' becomes 'N', 'B' becomes 'O', and
'Z' becomes 'M'.

It goes without saying that you shouldn't use this translator if you need
_real_ encryption (a future release of GlusterFS will have real encryption
translators). 

so its an upcoming feature.

Why dont use GRE or ssh?


[Index of Archives]     [Gluster Development]     [Linux Filesytems Development]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Bugtraq]     [Linux OMAP]     [Linux MIPS]     [eCos]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux