<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
I am not sure if encryption is fully working with NFS. I see one
issue still in OPEN state i.e.<br>
<br>
<a class="moz-txt-link-freetext" href="https://bugzilla.redhat.com/show_bug.cgi?id=1065639">https://bugzilla.redhat.com/show_bug.cgi?id=1065639</a><br>
<br>
Thanks,<br>
Santosh<br>
<br>
<br>
<div class="moz-cite-prefix">On 06/19/2014 03:38 AM, Mark Lewis
wrote:<br>
</div>
<blockquote cite="mid:CFC7CC60.11445%25q@phosph.re" type="cite">
<div style="color: rgb(0, 0, 0);"><font face="Andale Mono">Hello</font></div>
<div style="color: rgb(0, 0, 0);"><font face="Andale Mono">I’ve
looked around as much as possible, but I want to tread
carefully. I’ve created a couple of gluster volumes and
before I do a</font></div>
<div style="color: rgb(0, 0, 0);"><font face="Andale Mono"><br>
</font></div>
<div style="color: rgb(0, 0, 0);"><font face="Andale Mono">gluster
volume set <Vol> encryption.master-key /path/to/key</font></div>
<div style="color: rgb(0, 0, 0);"><font face="Andale Mono"><br>
</font></div>
<div><font face="Andale Mono">for each, I need to plan properly
and decide the path. Given the key only needs to be in place
during the mount operation, there are a number of ways I can
think of approaching this matter but I don’t like them. I
don’t think it’s safe to keep the keys on the servers local to
the data in case the box(es) are rooted.</font></div>
<div><font face="Andale Mono"><br>
</font></div>
<div><font face="Andale Mono">I will basically have any number of
VMs running concurrently, and they will each be wanting to
access a different encrypted gluster volume over the network.
Each will have been given the master key for the
corresponding volume (although as I’m in the process of
building out the platform, it doesn’t have to be that way. I
wanna do it right first time though obviously).</font></div>
<div><font face="Andale Mono"><br>
</font></div>
<div><font face="Andale Mono">What’s the best practice?</font></div>
<div><font face="Andale Mono"><br>
</font></div>
<div><font face="Andale Mono">Thanks IA</font></div>
<div><font face="Andale Mono">Mark</font></div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
Gluster-users mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Gluster-users@gluster.org">Gluster-users@gluster.org</a>
<a class="moz-txt-link-freetext" href="http://supercolony.gluster.org/mailman/listinfo/gluster-users">http://supercolony.gluster.org/mailman/listinfo/gluster-users</a></pre>
</blockquote>
<br>
</body>
</html>