Add crypt_hash and crypt_cipher as secauth = deprecated
Closed this issue · 0 comments
gss2002 commented
Affected Puppet, Ruby, OS and module versions/distributions
- Puppet:
- Ruby:
- Distribution:
- Module version:
How to reproduce (e.g Puppet code you use)
What are you seeing
What behaviour did you expect instead
Support crypt_hash and crypt_cipher as secauth is deprecated.
crypto_hash
This specifies which HMAC authentication should be used to authenticate all messages. Valid values are none (no authentication), md5, sha1, sha256, sha384 and sha512.
The default is sha1.
crypto_cipher
This specifies which cipher should be used to encrypt all messages. Valid values are none (no encryption), aes256, aes192, aes128 and 3des. Enabling crypto_cipher, requires also
enabling of crypto_hash.
The default is aes256.
secauth
This specifies that HMAC/SHA1 authentication should be used to authenticate all messages. It further specifies that all data should be encrypted with the nss library and aes256
encryption algorithm to protect data from eavesdropping.
Enabling this option adds a encryption header to every message sent by totem which reduces total throughput. Also encryption and authentication consume extra CPU cycles in corosync.
The default is on.
WARNING: This parameter is deprecated. It's recomended to use combination of crypto_cipher and crypto_hash.