[erlang-questions] Erlang cookies, rpc, security, mnesia, hidden nodes, VPN tunnels and stuff!

Trent Hampton <>
Tue Sep 20 20:47:42 CEST 2016


Greetings Erlang Wizards!

I have a client server erlang application where each server is connected to every other and is running an instance of an mnesia database across point to point VPN tunnels.

I would like to be able to use erlang rpc on the clients to make function calls on the servers without exposing raw access to the mnesia database. That is, I do not want to expose, to the clients, the cookie that I use to connect mnesia nodes together.   

Is it possible to have the servers and mnesia communicate using one cookie but have the clients connect to the servers using another cookie so that the clients cannot gain access to the raw database and so that there are no transitive connections?

According to http://erlang.org/doc/reference_manual/distributed.html section 13.3-5; it is possible to turn off transitive connections with the -connect_all false flag or by making a node hidden. Is it possible to use the hidden node and also use a different cookie for the client to server connection than the cookie used between the servers?

Thank you!

Trent


More information about the erlang-questions mailing list