Provided by: corosync_2.3.5-3ubuntu1_i386 bug

NAME

       corosync-keygen - Generate an authentication key for Corosync.

SYNOPSIS

       corosync-keygen [-k <filename>] [-l]

DESCRIPTION

       If  you  want  to configure corosync to use cryptographic techniques to
       ensure authenticity and privacy of  the  messages,  you  will  need  to
       generate a private key.

       corosync-keygen creates this key and writes it to /etc/corosync/authkey
       or to file specified by -k option.

       This private key must be copied to every processor in the cluster.   If
       the  private  key  isn't  the  same  for  every  node, those nodes with
       nonmatching  private  keys  will  not  be  able  to   join   the   same
       configuration.

       Copy  the  key  to  some  security  transportable storage or use ssh to
       transmit the key from node to node.  Then  install  the  key  with  the
       command:

       unix#:      install      -D     --group=0     --owner=0     --mode=0400
       /path_to_authkey/authkey /etc/corosync/authkey

       If a message "Invalid digest" appears from the corosync executive,  the
       keys are not consistent between processors.

       Note:  corosync-keygen  will ask for user input to assist in generating
       entropy unless the -l option is used.

OPTIONS

       -k <filename>
              This specifies the fully qualified path to  the  shared  key  to
              create.
              The default is /etc/corosync/authkey.

       -l     Use  a less secure random data source that will not require user
              input to help generate entropy.  This may be  useful  when  this
              utility  is  used  from  a  script  or  hardware  random  number
              generator is not available (f.e. in virtual machine).

EXAMPLES

       Generate the key.

       # corosync-keygen
       Corosync Cluster Engine Authentication key generator.
       Gathering 1024 bits for key from /dev/random.
       Press keys on your keyboard to generate entropy.

       $ corosync-keygen -l -k /tmp/authkey
       Corosync Cluster Engine Authentication key generator.
       Writing corosync key to /tmp/authkey.

SEE ALSO

       corosync_overview(8), corosync.conf(5),

AUTHOR

       Angus Salkeld

                                  2010-05-30                COROSYNC-KEYGEN(8)