4. Using SSL for Erlang Distribution

4 Using SSL for Erlang Distribution

This section describes how the Erlang distribution can use SSL to get extra verification and security.

The Erlang distribution can in theory use almost any connection-based protocol as bearer. However, a module that implements the protocol-specific parts of the connection setup is needed. The default distribution module is inet_tcp_dist in the Kernel application. When starting an Erlang node distributed, net_kernel uses this module to set up listen ports and connections.

In the SSL application, an extra distribution module, inet_tls_dist, can be used as an alternative. All distribution connections will use SSL and all participating Erlang nodes in a distributed system must use this distribution module.

The security level depends on the parameters provided to the SSL connection setup. Erlang node cookies are however always used