Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Next »

All network commands among fetcher, mine, apply and console are sent encrypted. The key serves both as authentication and encryption.
On WAN networks, even the redo/plog contents is sent encrypted.
The key is defined by variable NETWORK_TRAFFIC_KEY. As this can be considered as sensitive information, there are more ways how to specify this value:

  • DDC file (use memory_set, so it is not stored in DDC DB automatically)
  • DDC DB
  • the .ssh way: create a private directory (chmod 0700), store a file with a single command "memory_set NETWORK_TRAFFIC_KEY …" and include it from your DDC file (standard READ command)
  • specify the key as dbvrep parameter: --netkey
  • No labels