[DRBD-user] correction: DRBD does not do encryption -- was: Remove network cable causing system reboot

Lars Ellenberg lars.ellenberg at linbit.com
Tue Aug 16 22:22:38 CEST 2011

Note: "permalinks" may not be as permanent as we would like,
direct links of old sources may well be a few messages off.


On Tue, Aug 16, 2011 at 12:55:28PM -0400, Digimer wrote:
> A couple of comments:
> 
> >         net {
> >                 allow-two-primaries;                 
> >                 cram-hmac-alg sha1;
> >                 shared-secret "123456";
> 
> You're on a dedicated link, so there is no real reason to add the
> overhead of encryption.

DRBD does not do encryption.
This is only a challenge response "pre-shared-key" like "authentication"
of the peers during the initial handshake.

The rest of the DRBD TCP session will be just as "plain text"
as without this option.

-- 
: Lars Ellenberg
: LINBIT | Your Way to High Availability
: DRBD/HA support and consulting http://www.linbit.com



More information about the drbd-user mailing list