Provided by: corosync_2.3.5-3ubuntu1_i386 bug


       corosync-keygen - Generate an authentication key for Corosync.


       corosync-keygen [-k <filename>] [-l]


       If  you  want  to configure corosync to use cryptographic techniques to
       ensure authenticity and privacy of  the  messages,  you  will  need  to
       generate a private key.

       corosync-keygen creates this key and writes it to /etc/corosync/authkey
       or to file specified by -k option.

       This private key must be copied to every processor in the cluster.   If
       the  private  key  isn't  the  same  for  every  node, those nodes with
       nonmatching  private  keys  will  not  be  able  to   join   the   same

       Copy  the  key  to  some  security  transportable storage or use ssh to
       transmit the key from node to node.  Then  install  the  key  with  the

       unix#:      install      -D     --group=0     --owner=0     --mode=0400
       /path_to_authkey/authkey /etc/corosync/authkey

       If a message "Invalid digest" appears from the corosync executive,  the
       keys are not consistent between processors.

       Note:  corosync-keygen  will ask for user input to assist in generating
       entropy unless the -l option is used.


       -k <filename>
              This specifies the fully qualified path to  the  shared  key  to
              The default is /etc/corosync/authkey.

       -l     Use  a less secure random data source that will not require user
              input to help generate entropy.  This may be  useful  when  this
              utility  is  used  from  a  script  or  hardware  random  number
              generator is not available (f.e. in virtual machine).


       Generate the key.

       # corosync-keygen
       Corosync Cluster Engine Authentication key generator.
       Gathering 1024 bits for key from /dev/random.
       Press keys on your keyboard to generate entropy.

       $ corosync-keygen -l -k /tmp/authkey
       Corosync Cluster Engine Authentication key generator.
       Writing corosync key to /tmp/authkey.


       corosync_overview(8), corosync.conf(5),


       Angus Salkeld

                                  2010-05-30                COROSYNC-KEYGEN(8)