DHCPD - BIND DDNS: dnssec-keygen hmac-md5 removed
moo can
moocan2112 at yahoo.fr
Fri Apr 10 23:52:12 UTC 2020
Hello,
For educational purpose I need to setup an DDNS between DCHPD and BIND.
Everywhere, debian, zytrax, freeipa, veritas ... use dnssec-keygen.Zytrax:
dnssec-keygen -a HMAC-SHA512 -b 512 -n HOST keyname
Veritas:
dnssec-keygen -a HMAC-MD5 -b 128 -n HOST example.com.
Debian:
dnssec-keygen -a HMAC-MD5 -b 128 -r /dev/urandom -n USER DDNS_UPDATE
HMAC-* support seems to have been removed from dnssec-keygen
https://gitlab.isc.org/fanf/bind9/commit/80788e72d0698f93e92a0e8f1aa60ff982623997
It seems we need to use tsig-keygen but it is not clear.
I try to follow this guide from debian https://wiki.debian.org/DDNS#How_to_set_up_DDNS as example but there is no -n USER or -n HOST option with tsig-keygen.
I do not find any clear example.
Thanks you in advance for your help.
Kind Regards
Fabien
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20200410/89857d56/attachment.htm>
More information about the bind-users
mailing list