auto update signatures dnssec
fakessh @
fakessh at fakessh.eu
Sun Dec 26 23:25:56 UTC 2010
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
hello bind network
good day and merry christmas.
I just put in place guidelines in bind config to update the signatures
dnssec
I'm looking for options that require the least amount of maintenace that
all updates of signatures are performed without any external intervention
i quote my named conf
zone "fakessh.eu" {
type master;
file "/var/named/fakessh.eu.hosts";
auto-dnssec maintain;
update-policy local;
key-directory "/var/named/keyset-fakessh.eu";
allow-transfer { 213.251.188.140;87.98.164.164;
195.234.42.1;94.23.59.30; };
};
is what the guidelines are good options
my named
~]# rpm -qa | egrep bind
bind-9.7.0-5.P2.el5
bind-devel-9.7.0-5.P2.el5
bind-sdb-9.7.0-5.P2.el5
bind-utils-9.7.0-5.P2.el5
bind-libs-9.7.0-5.P2.el5
i use CentOS 5.5 with custom kernel
many returns are welcome
sincerely
- --
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x092164A7
gpg --keyserver pgp.mit.edu --recv-key 092164A7
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/
iD8DBQFNF88EtXI/OwkhZKcRAghLAJ4824Dgic38D2D/dvRBhc0ugH+LYgCfala4
279dg3VXyajosfPRn9Zbi4Y=
=BBuN
-----END PGP SIGNATURE-----
More information about the bind-users
mailing list