On Friday 17 June 2022 at 11:39:14, Mario Freytag wrote: > I’d like to ask about the security of corosync. We’re using a Proxmox HA > setup in our testing environment and need to confirm it’s compliance with > PCI guidelines. > > We have a few questions: > > Is the communication encrypted? > What method of encryption is used? > What method of authentication is used? > What is the recommended way of separation for the corosync network? VLAN?
Your first three questions are probably well-answered by https://github.com/fghaas/corosync/blob/master/SECURITY For the fourth, I agree with Jan Friesse - a dedicated physical network is best; a dedicated VLAN is second best. Antony. -- There's no such thing as bad weather - only the wrong clothes. - Billy Connolly Please reply to the list; please *don't* CC me. _______________________________________________ Manage your subscription: https://lists.clusterlabs.org/mailman/listinfo/users ClusterLabs home: https://www.clusterlabs.org/
