[pve-devel] ceph key path
Alexandre DERUMIER
aderumier at odiso.com
Mon Jun 18 09:11:45 CEST 2012
Hi,
they are 2 ways :
--keyfile /etc/pve/priv/ceph/storage.user.key
contain only the key for user
cat /etc/pve/priv/ceph/storage.user.key
AQAuj9xPmDLtMxAAm7bxvscRod9EF0nDscfzXQ==
or (new method I just found )
--keyring /etc/pve/priv/ceph/storage.keyring
contain a list of key for the storaige
cat /etc/pve/priv/ceph/storage.keyring
[client.user1]
key = AQAuj9xPmDLtMxAAm7bxvscRod9EF0nDscfzXQ==
[client.user2]
key = AQAuj9xPmDLtMxAAm7bxvscRod9EF0nDscfzXQ==
Don't know which method is more secure ?
1 keyring by storage or 1 keyfile by user ?
----- Mail original -----
De: "Stefan Priebe" <s.priebe at profihost.ag>
À: "Dietmar Maurer" <dietmar at proxmox.com>
Cc: pve-devel at pve.proxmox.com
Envoyé: Lundi 18 Juin 2012 07:12:59
Objet: Re: [pve-devel] ceph key path
Isn't this only valid for a keyring file? I accidentally copied a keyring file with multiple users to the key file and nothing worked.
Am 18.06.2012 um 06:12 schrieb Dietmar Maurer < dietmar at proxmox.com >:
AFAIK a ceph key file can contain keys for more than one user, so it make no sense to use:
'--keyfile', '/etc/pve/priv/ceph/'.$storeid.'.'.$scfg->{username}.'.key'
Instead, it should be enough to use:
'--keyfile', “/etc/pve/priv/ceph/$storeid.key”
What do I miss?
- Dietmar
<blockquote>
_______________________________________________
pve-devel mailing list
pve-devel at pve.proxmox.com
http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
</blockquote>
_______________________________________________
pve-devel mailing list
pve-devel at pve.proxmox.com
http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
--
--
Alexandre D erumier
Ingénieur Système
Fixe : 03 20 68 88 90
Fax : 03 20 68 90 81
45 Bvd du Général Leclerc 59100 Roubaix - France
12 rue Marivaux 75002 Paris - France
More information about the pve-devel
mailing list