FreeBSD Manual Pages

home | help

COROSYNC-KEYGEN(8)	    System Manager's Manual	    COROSYNC-KEYGEN(8)

NAME
       corosync-keygen - Generate an authentication key	for Corosync.

SYNOPSIS
       corosync-keygen [-k <filename>]	[-m <randomfile>] [-s size] [-l] [-h]

DESCRIPTION
       If  you	want  to configure corosync to use cryptographic techniques to
       ensure authenticity and privacy of the messages,	you will need to  gen-
       erate a private key.

       corosync-keygen creates this key	and writes it to /etc/corosync/authkey
       or to file specified by -k option.

       This  private key must be copied	to every processor in the cluster.  If
       the private key isn't the same for every	node, those  nodes  with  non-
       matching	private	keys will not be able to join the same configuration.

       Copy  the  key  to  some	 security  transportable storage or use	ssh to
       transmit	the key	from node to node.  Then install the key with the com-
       mand:

       unix#: install -D --group=0 --owner=0 --mode=0400  /path_to_authkey/au-
       thkey /etc/corosync/authkey

       If  a message "Invalid digest" appears from the corosync	executive, the
       keys are	not consistent between processors.

OPTIONS
       -k <filename>
	      This specifies the fully qualified path to  the  shared  key  to
	      create.
	      The default is /etc/corosync/authkey.

       -r     Random  number source file. Default is /dev/urandom. As an exam-
	      ple /dev/random may be used when	really	superb	randomness  is
	      needed.

       -s size
	      Size  of	the  generated key in bytes. Default is	256 bytes. Al-
	      lowed range is <128, 4096>.

       -l     Option is	not used and it's kept only for	compatibility.

       -h     Print basic usage.

EXAMPLES
       Generate	the key.
	      #	corosync-keygen
	      Corosync Cluster Engine Authentication key generator.
	      Gathering	2048 bits for key from /dev/urandom.
	      Writing corosync key to /etc/corosync/authkey

       Generate	longer key and store it	in the /tmp/authkey file.
	      $	corosync-keygen	-s 2048	-k /tmp/authkey
	      Corosync Cluster Engine Authentication key generator.
	      Gathering	16384 bits for key from	/dev/urandom.
	      Writing corosync key to /tmp/authkey.

       Generate	superb key using /dev/random
	      #	corosync-keygen	-r /dev/random
	      Gathering	2048 bits for key from /dev/random.
	      Press keys on your keyboard to generate entropy.
	      Press keys on your keyboard to generate entropy (1128 bits still needed).
	      Press keys on your keyboard to generate entropy (504 bits	still needed).
	      Press keys on your keyboard to generate entropy (128 bits	still needed).
	      Press keys on your keyboard to generate entropy (32 bits still needed).
	      Writing corosync key to /etc/corosync/authkey.

SEE ALSO
       corosync_overview(7), corosync.conf(5),

AUTHOR
       Angus Salkeld

				  2019-04-09		    COROSYNC-KEYGEN(8)

Want to link to this manual page? Use this URL:
<https://man.freebsd.org/cgi/man.cgi?query=corosync-keygen&sektion=8&manpath=FreeBSD+Ports+14.3.quarterly>

home | help

Header And Logo

Peripheral Links

Site Navigation

FreeBSD Manual Pages

Header And Logo

Peripheral Links

Search

Site Navigation

FreeBSD Manual Pages