HDFS Encrypted Transport
HDFS Encrypted Transport, supported in CDH4.1 and later releases, allows encryption of all HDFS data sent over the network.
To enable encryption, proceed as follows:
- Enable the Hadoop Security using Kerberos feature. See the CDH4 Security Guide for instructions.
- Set the optional RPC encryption by setting hadoop.rpc.protection to
"privacy" in the core-site.xml file in both
client and server configurations.
If RPC encryption is not enabled, transmission of other HDFS data is also insecure.
- Set dfs.encrypt.data.transfer to true in the hdfs-site.xml file on all server systems.
- Restart all daemons.
|<< Previous: Encrypted Shuffle and Encrypted Web UIs||Next: Integrating Hadoop Security with Active Directory >>|