Provided by: corosync_3.1.7-1ubuntu3_amd64 bug

NAME
       corosync-keygen - Generate an authentication key for Corosync.


SYNOPSIS
       corosync-keygen [-k <filename>]  [-m <randomfile>] [-s size] [-l] [-h]


DESCRIPTION
       If  you  want to configure corosync to use cryptographic techniques to ensure authenticity and privacy of
       the messages, you will need to generate a private key.

       corosync-keygen creates this key and writes it to  /etc/corosync/authkey  or  to  file  specified  by  -k
       option.

       This private key must be copied to every processor in the cluster.  If the private key isn't the same for
       every node, those nodes with nonmatching private keys will not be able to join the same configuration.

       Copy the key to some security transportable storage or use ssh to transmit the key  from  node  to  node.
       Then install the key with the command:

       unix#: install -D --group=0 --owner=0 --mode=0400 /path_to_authkey/authkey /etc/corosync/authkey

       If  a  message  "Invalid digest" appears from the corosync executive, the keys are not consistent between
       processors.


OPTIONS
       -k <filename>
              This specifies the fully qualified path to the shared key to create.
              The default is /etc/corosync/authkey.

       -r     Random number source file. Default is /dev/urandom. As an example /dev/random  may  be  used  when
              really superb randomness is needed.

       -s size
              Size of the generated key in bytes. Default is 256 bytes. Allowed range is <128, 4096>.

       -l     Option is not used and it's kept only for compatibility.

       -h     Print basic usage.


EXAMPLES
       Generate the key.
              # corosync-keygen
              Corosync Cluster Engine Authentication key generator.
              Gathering 2048 bits for key from /dev/urandom.
              Writing corosync key to /etc/corosync/authkey

       Generate longer key and store it in the /tmp/authkey file.
              $ corosync-keygen -s 2048 -k /tmp/authkey
              Corosync Cluster Engine Authentication key generator.
              Gathering 16384 bits for key from /dev/urandom.
              Writing corosync key to /tmp/authkey.

       Generate superb key using /dev/random
              # corosync-keygen -r /dev/random
              Gathering 2048 bits for key from /dev/random.
              Press keys on your keyboard to generate entropy.
              Press keys on your keyboard to generate entropy (1128 bits still needed).
              Press keys on your keyboard to generate entropy (504 bits still needed).
              Press keys on your keyboard to generate entropy (128 bits still needed).
              Press keys on your keyboard to generate entropy (32 bits still needed).
              Writing corosync key to /etc/corosync/authkey.


SEE ALSO
       corosync_overview(7), corosync.conf(5),


AUTHOR
       Angus Salkeld

                                                   2019-04-09                                 COROSYNC-KEYGEN(8)