Ceph In Linux 7.0 Lands Support For AES256K Keys

• Ceph In Linux 7.0 Lands Support For AES256K Keys For those making use of the Ceph open-source, distributed storage platform, with the upcoming Linux 7.0 kernel they are introducing support for the AES256K key type. • The Ceph authentication code in Linux 7.0 has merged support for the AES256K key type. • The CEPH_CRYPTO_AES256KRB5 key type is based on Kerberos 5 / AES256-CTS-HMAC384-192. • This support is complementary and doesn’t affect the existing Ceph AES crypto support. • Aside from that Ceph AES256K key type support, the other Ceph changes amount to bug fixes for the Linux 7.0 merge window. • See this pull request for those making use of Ceph and curious about these latest changes.

Article Summaries:

• Linux kernel 7.0 now includes support for the AES256K key type in the Ceph authentication subsystem. The new CEPH_CRYPTO_AES256KRB5 key type is based on Kerberos 5 with AES256‑CTS‑HMAC384‑192, adding a stronger encryption option for Ceph’s distributed storage platform. This addition is complementary to existing Ceph AES crypto and does not replace it. Aside from the key‑type enhancement, the kernel merge window for Ceph contains a handful of bug‑fixes. The changes are available via the relevant pull request for users who rely on Ceph in Linux.

Sources:

• https://www.phoronix.com/news/Ceph-Linux-7.0