About Erlang system nodes

Renyi Xiong <>
Wed Mar 29 01:30:21 CEST 2006


I tried ethereal to intercept packets between 2 erlang nodes over ssl and 
proved that you guys are right! - the packets were no longer plain text 
after I applied ssl.

Brian,

Since erlang has built in security (ssl), we probably don't need any ip 
tunneling.

Thank you very much,
Renyi.

----- Original Message ----- 
From: "Ulf Wiger (AL/EAB)" <>
To: "Renyi Xiong" <>; "chandru" 
<>; <>
Cc: <>
Sent: Monday, March 27, 2006 11:52 PM
Subject: RE: About Erlang system nodes



This seems impossible. There is only one tcp session
between two erlang nodes. All communication, be it
spawn commands or pure message passing, is passed
on the same link.

The erlang:send/2 function (the ! operator) is
implemented in the virtual machine. The VM knows
which port is mapped to a given node, and sends
messages through that port. If that port is opened
over SSL, all communication between the two nodes
will be encrypted.

BR,
Ulf W

> -----Original Message-----
> From: 
> [mailto:] On Behalf Of Renyi Xiong
> Sent: den 27 mars 2006 18:44
> To: chandru; 
> Cc: 
> Subject: Re: About Erlang system nodes
>
> But I found if we run distributed erlang over SSL, it only
> affects those distributed command like spawn_link. It doesn't
> affect primitive command like message passing command - '!'
> which we concern about. Cause that means if we run
> distributed Mnesia, it doesn't automatically have encrypted
> communication between Mnesia nodes even if SSL is employed.
> Is that correct?
>
> Thanks a lot,
> Renyi.
>
> ----- Original Message -----
> From: "chandru" <>
> To: <>
> Cc: <>; "Renyi Xiong" <>
> Sent: Friday, March 24, 2006 1:32 AM
> Subject: Re: About Erlang system nodes
>
>
> On 23/03/06, Tony Zheng <> wrote:
> > Hi Chandru
> >
> > Are there any encrypted mechanisms when Mnesia replicate tables on
> > different Erlang nodes? We will put Erlang nodes in
> different locations
> > on internet, we want to know if it is secure for Mnesia to replicate
> > tables on internet.
> > Thanks.
>
>
> You can run distributed erlang over SSL. That will encrypt all traffic
> between the nodes.
> See
> http://www.erlang.org/doc/doc-5.4.13/lib/ssl-3.0.11/doc/html/u
> sersguide_frame.html
> for more info on how to do this.
>
> cheers
> Chandru
> 



More information about the erlang-questions mailing list