Security mode
The security mode of a cluster determines the level of security that the cluster provides for communications between nodes in the cluster and also for communications between clusters.
There are three security modes:
- EMPTY: The receiving node and the sending node do not authenticate each other, do not encrypt transmitted data, and do not check the integrity of transmitted data.
- AUTHONLY: The sending and receiving nodes authenticate each other with a TLS handshake and then close the TLS connection. Communication continues in the clear. The nodes do not encrypt transmitted data and do not check data integrity.
- Cipher: To set this mode, you must specify the name of a supported cipher, such as AES128-GCM-SHA256. The sending and receiving nodes authenticate each other with a TLS handshake. A TLS connection is established. The transmitted data is encrypted with the specified cipher and is checked for data integrity.
In IBM Storage Scale, the default security mode is AUTHONLY. The mmcrcluster command sets the mode when it creates the cluster. You can display the security mode by running the following command:
mmlsconfig cipherlist
You can change the security mode with the following command:
mmchconfig cipherlist=security_mode
If you are changing the security mode from EMPTY to another mode, you can do so without stopping the GPFS daemon. However, if you are changing the security mode from another mode to EMPTY, you must stop the GPFS daemon on all the nodes in the cluster. Change the security mode to EMPTY and then restart the GPFS daemon.
The default security mode is EMPTY in IBM Storage Scale 4.1 or earlier and is AUTHONLY in IBM Storage Scale 4.2 or later. If you migrate a cluster from IBM Storage Scale 4.1 to 4.2 or later by running mmchconfig release=LATEST, the command checks the security mode. If the mode is EMPTY, the command fails with an error message. You then can do either of two actions:
- Change the security mode to a valid value other than EMPTY, such as AUTHONLY, and rerun the mmchconfig release=LATEST command.
- Leave the security mode set to EMPTY and rerun the mmchconfig release=LATEST command with the option --accept-empty-cipherlist-security.
Configuring the security mode to a setting other than EMPTY (that is, either AUTHONLY or a supported cipher) requires the use of the GSKit toolkit for encryption and authentication. As such, the gpfs.gskit package, which is available on all editions, should be installed.
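A pre-change audit of the mode rules above, as an added example that is not part of the IBM documentation. It assumes that mmlsconfig cipherlist prints a line of the form "cipherList <value>"; the function names and the sample lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit helpers for the cipherList security mode.
# ASSUMPTION: `mmlsconfig cipherlist` prints a line "cipherList <value>".

# Read mmlsconfig output on stdin; print the mode, or UNKNOWN if not found.
parse_mode() {
    awk 'tolower($1) == "cipherlist" && NF >= 2 { print $2; found = 1; exit }
         END { if (!found) print "UNKNOWN" }'
}

# Map a mode to the protection the page describes for it.
protection() {
    case "$1" in
        EMPTY)    echo "no-auth,cleartext,no-integrity" ;;
        AUTHONLY) echo "tls-auth,cleartext,no-integrity" ;;
        ''|UNKNOWN|*[!A-Za-z0-9-]*) echo "unknown" ;;   # not a plausible cipher name
        *)        echo "tls-auth,encrypted,integrity" ;; # treated as a cipher name
    esac
}

# Succeeds if moving from mode $1 to mode $2 requires stopping the GPFS
# daemon on all nodes: only when going from another mode to EMPTY.
needs_daemon_stop() {
    [ "$2" = "EMPTY" ] && [ "$1" != "EMPTY" ]
}

# Succeeds if `mmchconfig release=LATEST` fails on this mode unless
# --accept-empty-cipherlist-security is given.
release_latest_blocked() {
    [ "$1" = "EMPTY" ]
}

# One-line report for `mmlsconfig cipherlist` output supplied on stdin.
audit() {
    mode=$(parse_mode)
    prot=$(protection "$mode")
    if [ "$prot" = "unknown" ]; then upgrade="unknown"
    elif release_latest_blocked "$mode"; then upgrade="blocked"
    else upgrade="ok"; fi
    echo "mode=$mode protection=$prot release_latest=$upgrade"
}

# Constructed sample output lines (not captured from a real cluster).
SAMPLE_EMPTY='cipherList EMPTY'
SAMPLE_CIPHER='cipherList AES128-GCM-SHA256'
printf '%s\n' "$SAMPLE_EMPTY" | audit
printf '%s\n' "$SAMPLE_CIPHER" | audit
```

On a cluster node, the same report comes from piping the real command into the function: mmlsconfig cipherlist | audit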