Hi, we’re using libcluster + horde to manage process balancing of some genservers. So, we want to get the security right and have an encrypted communication between processes.
I guess that horde messages aren’t so important because they are mostly metadata, but the genservers themselves are communicating between each other and there is some sensitive information in those messages. Is there any library to send those messages encrypted or simply encrypt message before send and decrypt after receive?
Hello and welcome, You might be interested by…
3 Likes
You can view this guide to see the facilities for making Distributed Erlang itself use SSL for all communications between nodes:
https://www.erlang.org/doc/apps/ssl/ssl_distribution
Just as a doom-and-gloom aside, Distributed Erlang as a paradigm/protocol doesn’t have any notion of meaningful security, privacy, or other boundaries between cluster peers. If you have any concerns that another BEAM node has been successfully compromised by a malicious party, reading inter-process messages is far down the list of possible harm they could do. They could use RPC to delete files, manipulate database rows, plus ~anything the OS user has permission to do. Erlang cookie is also not a terribly useful security mechanism and should be combined with suitable network rules when possible.
4 Likes
I agree with @shanesveller, if you are exposing the nodes to internet you are doing it wrong.
I think the best solution for this kind of problem lies at network level, if you are using the same cloud provider you can use internal IPs to communicate between nodes or use a VPN if you really need to go over public network.
We’re not exposing the nodes to the internet. This will run on k8s, so the communication is internal, we’re just exploring this to add an extra level of security. As said by @shanesveller, if a malicious actor has total control of a node, the messages are the least worrying thing. I’m thinking the possibility of another pod compromised on the network that can somehow read these unencrypted messages.
1 Like
