Got it, thank you Janne. Best Regards, Mary
On Mon, Sep 23, 2024, 1:30 AM Janne Johansson <icepic...@gmail.com> wrote: > > We have a multisite Ceph configuration, with http (not https) sync > endpoints. Are all sync traffic in plain text? > > For S3 v4 auth, there are things that "obfuscates" the login auth, but > might not be called real crypto in that sense, so if you decide to > send things in the clear, expect it to be sent in the clear, even if > it is made "hard to read". > > > We have concerns about metadata. For example, when syncing a newly > created user and its access key and secret key from the Master zone to a > secondary zone, is this traffic in plain text? If so, what are options to > encrypt it? > > Then either choose https or wrap your traffic in any of the VPN > solutions from the last 30 years or so. > If the endpoints can't be changed to https for some reason, then > secure all the traffic just like with any other communication > protocol. > > -- > May the most significant bit of your life be positive. > _______________________________________________ ceph-users mailing list -- ceph-users@ceph.io To unsubscribe send an email to ceph-users-le...@ceph.io
