RegionServers persist data into HDFS, so if you wish the data transfer to be encrypted, use "dfs.encrypt.data.transfer" . This only encrypts the transfer. As another option you can enable transparent server side encryption in HBase 0.98 and higher. This will encrypt data for persistence inside HBase before any write or data transfer using HDFS. For more information see the Security section of our online manual: http://hbase.apache.org/book/security.html
RegionServers and the Master send administrative messages between themselves using RPC. Communication between RegionServers and clients is also by way of RPC. RPC can be secured by using Kerberos authentication in conjunction with auth-conf SASL privacy settings. Set up Kerberos and then set "hbase.rpc.protection" to "privacy" in the HBase site configuration . > How does HBase (with SSE) What do you mean by "SSE" ? On Thu, Oct 23, 2014 at 11:10 AM, Krishna <[email protected]> wrote: > Hi, > > How does HBase (with SSE) deal with "dfs.encrypt.data.transfer" in HDFS > configuration? Does it use this parameter when data is transferred between > RS? > > Hadoop 2.4 > HBase 0.98 > > Thanks > -- Best regards, - Andy Problems worthy of attack prove their worth by hitting back. - Piet Hein (via Tom White)
