[DRBD-user] correction: DRBD does not do encryption -- was: Remove network cable causing system reboot
Lars Ellenberg
lars.ellenberg at linbit.com
Tue Aug 16 22:22:38 CEST 2011
On Tue, Aug 16, 2011 at 12:55:28PM -0400, Digimer wrote:
> A couple of comments:
>
> > net {
> > allow-two-primaries;
> > cram-hmac-alg sha1;
> > shared-secret "123456";
>
> You're on a dedicated link, so there is no real reason to add the
> overhead of encryption.
DRBD does not do encryption.
This is only a challenge response "pre-shared-key" like "authentication"
of the peers during the initial handshake.
The rest of the DRBD TCP session will be just as "plain text"
as without this option.
--
: Lars Ellenberg
: LINBIT | Your Way to High Availability
: DRBD/HA support and consulting http://www.linbit.com
More information about the drbd-user
mailing list