SIMPLE SOLUTIONS

AUTHKEYS(5) - man page online | file formats

Authentication file for the Heartbeat cluster messaging layer.

Chapter
24 Nov 2009
AUTHKEYS(5)                            Configuration Files                            AUTHKEYS(5)

NAME

authkeys - Authentication file for the Heartbeat cluster messaging layer

DESCRIPTION

/etc/ha.d/authkeys is read by heartbeat(8). It enables Heartbeat to securely authenticate cluster nodes. This file must not be readable or writable by any users other than root.

FILE FORMAT

Two lines are required in the authkeys file: 1. A line which says which key to use in signing outgoing packets 2. One or more lines defining how incoming packets might be being signed. The file must follow the following format: auth num num method secret num method secret num method secret ... num is a numerical identifier, between 1 and 15 inclusive. It must be unique within the file. method is one of the available authentication signature methods (see below for supported methods). secret is an alphanumerical shared secret used to identify cluster nodes to each other. auth num selects the currently active authentication method and secret.

SUPPORTED SIGNATURE METHODS

The following signature methods are supported in authkeys (listed here in alphabetical order): md5 MD5 hash method. This method requires a shared secret. sha1 SHA-1 hash method. This method requires a shared secret. crc Cyclic Redundancy Check hash method. This method does not require a shared secret and is insecure; it's use is strongly discouraged. An absolutely up-to-date list of authentication methods supported may be retrieved by running ls /usr/lib/heartbeat/plugins/HBauth/*.so.

AUTHORS

Alan Robertson <@unix.sh> heartbeat, original Wiki page Lars Ellenberg <@linbit.com> Heartbeat Maintainer; code fixes; documentation updates Florian Haas <@linbit.com> man page
Heartbeat 3.0.6 24 Nov 2009 AUTHKEYS(5)
This manual Reference Other manuals
authkeys(5) referred by cl_status(1) | heartbeat(8)
refer to heartbeat(8)