diff --git a/man/corosync-keygen.8 b/man/corosync-keygen.8 index 5dc3f45c..5aaae933 100644 --- a/man/corosync-keygen.8 +++ b/man/corosync-keygen.8 @@ -1,89 +1,98 @@ .\"/* .\" * Copyright (C) 2010 Red Hat, Inc. .\" * .\" * All rights reserved. .\" * .\" * Author: Angus Salkeld .\" * .\" * This software licensed under BSD license, the text of which follows: .\" * .\" * Redistribution and use in source and binary forms, with or without .\" * modification, are permitted provided that the following conditions are met: .\" * .\" * - Redistributions of source code must retain the above copyright notice, .\" * this list of conditions and the following disclaimer. .\" * - Redistributions in binary form must reproduce the above copyright notice, .\" * this list of conditions and the following disclaimer in the documentation .\" * and/or other materials provided with the distribution. .\" * - Neither the name of the MontaVista Software, Inc. nor the names of its .\" * contributors may be used to endorse or promote products derived from this .\" * software without specific prior written permission. .\" * .\" * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" .\" * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE .\" * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE .\" * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE .\" * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR .\" * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF .\" * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS .\" * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN .\" * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) .\" * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF .\" * THE POSSIBILITY OF SUCH DAMAGE. .\" */ .TH COROSYNC-KEYGEN 8 2010-05-30 .SH NAME corosync-keygen \- Generate an authentication key for Corosync. .SH SYNOPSIS -.B "corosync-keygen [\-l]" +.B "corosync-keygen [\-k ] [\-l]" .SH DESCRIPTION If you want to configure corosync to use cryptographic techniques to ensure authenticity -.br and privacy of the messages, you will need to generate a private key. .PP .B corosync-keygen -creates this key and writes it to /etc/corosync/authkey. +creates this key and writes it to /etc/corosync/authkey or to file specified by +-k option. .PP This private key must be copied to every processor in the cluster. If the -.br private key isn't the same for every node, those nodes with nonmatching private -.br keys will not be able to join the same configuration. .PP Copy the key to some security transportable storage or use ssh to transmit the -.br key from node to node. Then install the key with the command: .PP unix#: install -D --group=0 --owner=0 --mode=0400 /path_to_authkey/authkey /etc/corosync/authkey .PP If a message "Invalid digest" appears from the corosync executive, the keys -.br are not consistent between processors. .PP .B Note: corosync-keygen will ask for user input to assist in generating entropy unless the -l option is used. .SH OPTIONS .TP +.B -k +This specifies the fully qualified path to the shared key to create. +.br +The default is /etc/corosync/authkey. +.TP .B -l Use a less secure random data source that will not require user input to help generate -.br -entropy. This may be useful when this utility is used from a script. +entropy. This may be useful when this utility is used from a script or hardware random number +generator is not available (f.e. in virtual machine). + .SH EXAMPLES .TP Generate the key. .PP -$ corosync-keygen +# corosync-keygen .br Corosync Cluster Engine Authentication key generator. .br Gathering 1024 bits for key from /dev/random. .br Press keys on your keyboard to generate entropy. .br +.PP +$ corosync-keygen -l -k /tmp/authkey +.br +Corosync Cluster Engine Authentication key generator. +.br +Writing corosync key to /tmp/authkey. +.br .SH SEE ALSO .BR corosync_overview (8), .BR corosync.conf (5), .SH AUTHOR Angus Salkeld .PP diff --git a/tools/corosync-keygen.c b/tools/corosync-keygen.c index 71ea9d82..112ebaf7 100644 --- a/tools/corosync-keygen.c +++ b/tools/corosync-keygen.c @@ -1,172 +1,167 @@ /* * Copyright (c) 2004 MontaVista Software, Inc. * Copyright (c) 2005-2011 Red Hat, Inc. * * All rights reserved. * * Author: Steven Dake (sdake@redhat.com) * * This software licensed under BSD license, the text of which follows: * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions are met: * * - Redistributions of source code must retain the above copyright notice, * this list of conditions and the following disclaimer. * - Redistributions in binary form must reproduce the above copyright notice, * this list of conditions and the following disclaimer in the documentation * and/or other materials provided with the distribution. * - Neither the name of the MontaVista Software, Inc. nor the names of its * contributors may be used to endorse or promote products derived from this * software without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF * THE POSSIBILITY OF SUCH DAMAGE. */ #include #include #include #include #include #include +#include #include #include #include #include -#define KEYFILE COROSYSCONFDIR "/authkey" +#define DEFAULT_KEYFILE COROSYSCONFDIR "/authkey" static const char usage[] = - "Usage: corosync-keygen [-l]\n" + "Usage: corosync-keygen [-k ] [-l]\n" + " -k / --key-file= - Write to the specified keyfile\n" + " instead of the default " DEFAULT_KEYFILE ".\n" " -l / --less-secure - Use a less secure random number source\n" " (/dev/urandom) that is guaranteed not to require user\n" " input for entropy. This can be used when this\n" " application is used from a script.\n"; int main (int argc, char *argv[]) { int authkey_fd; int random_fd; + char *keyfile = NULL; unsigned char key[128]; ssize_t res; ssize_t bytes_read; int c; int option_index; int less_secure = 0; static struct option long_options[] = { - { "less-secure", no_argument, NULL, 'l' }, - { "help", no_argument, NULL, 'h' }, - { 0, 0, NULL, 0 }, + { "key-file", required_argument, NULL, 'k' }, + { "less-secure", no_argument, NULL, 'l' }, + { "help", no_argument, NULL, 'h' }, + { 0, 0, NULL, 0 }, }; - while ((c = getopt_long (argc, argv, "lh", + while ((c = getopt_long (argc, argv, "k:lh", long_options, &option_index)) != -1) { switch (c) { + case 'k': + keyfile = optarg; + break; case 'l': less_secure = 1; break; case 'h': printf ("%s\n", usage); exit(0); break; default: printf ("Error parsing command line options.\n"); exit (1); } } printf ("Corosync Cluster Engine Authentication key generator.\n"); - if (geteuid() != 0) { - printf ("Error: Authorization key must be generated as root user.\n"); - exit (errno); - } - if (mkdir (COROSYSCONFDIR, 0700)) { - if (errno != EEXIST) { - perror ("Failed to create directory: " COROSYSCONFDIR); - exit (errno); - } + + if (!keyfile) { + keyfile = (char *)DEFAULT_KEYFILE; } if (less_secure) { + printf ("Gathering %lu bits for key from /dev/urandom.\n", (unsigned long)(sizeof (key) * 8)); random_fd = open ("/dev/urandom", O_RDONLY); } else { printf ("Gathering %lu bits for key from /dev/random.\n", (unsigned long)(sizeof (key) * 8)); printf ("Press keys on your keyboard to generate entropy.\n"); random_fd = open ("/dev/random", O_RDONLY); } if (random_fd == -1) { perror ("Failed to open random source\n"); exit (errno); } /* * Read random data */ bytes_read = 0; retry_read: res = read (random_fd, &key[bytes_read], sizeof (key) - bytes_read); if (res == -1) { perror ("Could not read /dev/random"); exit (errno); } bytes_read += res; if (bytes_read != sizeof (key)) { printf ("Press keys on your keyboard to generate entropy (bits = %d).\n", (int)(bytes_read * 8)); goto retry_read; } close (random_fd); /* * Open key */ - authkey_fd = open (KEYFILE, O_CREAT|O_WRONLY, 600); + authkey_fd = open (keyfile, O_CREAT|O_WRONLY, 0600); if (authkey_fd == -1) { - perror ("Could not create " KEYFILE); - exit (errno); - } - /* - * Set security of authorization key to uid = 0 gid = 0 mode = 0400 - */ - res = fchown (authkey_fd, 0, 0); - if (res == -1) { - perror ("Could not fchown key to uid 0 and gid 0\n"); + fprintf (stderr, "Could not create %s: %s", keyfile, strerror(errno)); exit (errno); } if (fchmod (authkey_fd, 0400)) { perror ("Failed to set key file permissions to 0400\n"); exit (errno); } - printf ("Writing corosync key to " KEYFILE ".\n"); + printf ("Writing corosync key to %s.\n", keyfile); /* * Write key */ res = write (authkey_fd, key, sizeof (key)); if (res != sizeof (key)) { - perror ("Could not write " KEYFILE); + fprintf (stderr, "Could not write %s: %s", keyfile, strerror(errno)); exit (errno); } if (close (authkey_fd)) { - perror ("Could not write " KEYFILE); + fprintf (stderr, "Could not close %s: %s", keyfile, strerror(errno)); exit (errno); } return (0); }