Setting the security mode for internode communications in a cluster

IBM Storage Scale supports secure data transit for internode communications within a single cluster.

To enable encryption of data over the wire for internode communications between the IBM Storage Scale systems, complete the following steps:
  1. Set the cipherList value to one of the supported ciphers by using the mmchconfig command.
    For example,
     mmchconfig cipherList=AES256-SHA256

    By setting the cipherList value, the data that is exchanged between the nodes in a single cluster of IBM Storage Scale is encrypted with the AES256-SHA256 cipher.

  2. Restart the GPFS daemon across the cluster so that the security setting takes effect.
    Important: To keep cluster services operational, you can start the daemons in a rolling fashion, one node at a time. The new security mode takes effect for each new TCP connection that is established. After the daemons on all nodes in a cluster are restarted, the security mode takes effect for all TCP connections.
    The cipherList setting does not affect existing TCP connections. Those connections keep their previous security mode, which is likely to be the AUTHONLY mode.
Note: TCP connections that are established for the clustered configuration repository (CCR) operate in the AUTHONLY mode.
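
The two steps above as a rolling procedure, in an added example that is not IBM's own script: it sets cipherList, restarts the daemon one node at a time with mmshutdown and mmstartup, and stops if a node does not come back. Assumptions: the node names are supplied by you, mmgetstate prints the word "active" for a running daemon, and DRY_RUN=1 (the default) only prints the commands.

```shell
#!/bin/sh
# Added example, not IBM's script. Node names passed in are site-specific.
# DRY_RUN=1 (default) prints each command instead of running it.
DRY_RUN="${DRY_RUN:-1}"
WAIT_TRIES="${WAIT_TRIES:-30}"   # polls per node before giving up
WAIT_SLEEP="${WAIT_SLEEP:-10}"   # seconds between polls

run() {
    if [ "$DRY_RUN" = "1" ]; then echo "$*"; else "$@"; fi
}

# Assumption: mmgetstate prints the word "active" once the daemon is up.
wait_active() {
    tries=0
    while [ "$tries" -lt "$WAIT_TRIES" ]; do
        if mmgetstate -N "$1" 2>/dev/null | grep -qw active; then return 0; fi
        tries=$((tries + 1))
        sleep "$WAIT_SLEEP"
    done
    return 1
}

# usage: rolling_restart CIPHER NODE [NODE...]
rolling_restart() {
    if [ "$#" -lt 2 ]; then
        echo "usage: rolling_restart CIPHER NODE [NODE...]" >&2
        return 2
    fi
    cipher="$1"; shift
    run mmchconfig "cipherList=$cipher" || return 1
    for node in "$@"; do
        # One node at a time, so cluster services stay operational.
        run mmshutdown -N "$node" || return 1
        run mmstartup -N "$node" || return 1
        if [ "$DRY_RUN" != "1" ] && ! wait_active "$node"; then
            echo "stopping: $node did not return to active" >&2
            return 1
        fi
    done
    # Confirm the configured value once every daemon has been restarted.
    run mmlsconfig cipherList
}

if [ "$#" -gt 0 ]; then rolling_restart "$@"; fi
```

Until the last node in the list has been restarted, connections between nodes that have not yet restarted keep their previous mode, so treat the cluster as only partly encrypted while the loop is running.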