[Csync2] generating key takes really long time
Clifford Wolf
clifford at clifford.at
Wed Feb 6 13:38:08 CET 2008
Hi again,
On Wed, Feb 06, 2008 at 06:39:48AM -0500, George H wrote:
> OK, so I take it I have to use the same .csr .pem files on the other
> "trustworthy" machine when generating the key.
no. the key generated using 'csync2 -k' ist just a random string used as
shared secret between the machines. it has nothing to do with the SSL
encryption you can use in the transport layer.
however, generating the x509 certificates for SSL will also require random
data, so you are likely to run into the same problem when trying the create
the certificates.
if you are not so much concerned about the randomness of your keys you
could also consider creating a symlink /dev/random -> /dev/urandom on your
blade server. this would end all those problems but would result in less
random keys..
yours,
- clifford
--
"One of my most productive days was throwing away 1000 lines of code."
- Ken Thompson
More information about the Csync2
mailing list