Bind 9 and RNDC
Mark.Andrews at nominum.com
Mark.Andrews at nominum.com
Wed Oct 11 00:19:18 UTC 2000
The following should example works, the zone statement have
been stripped from named.conf and the secret changed but
otherwise this is from a working configuration. At the
moment you cannot include /etc/rndc.key into /etc/rndc.conf
but it should be possible in the future allowing the key
to only exist in one place.
/etc/rndc.key is mode 600 owner root
/etc/rndc.conf is mode 600 owner root
/etc/named.conf is mode 644 owner root
Mark
/etc/rndc.key:
key "rndc" {
algorithm hmac-md5;
secret "xxxxxxxxxxxxxxxxxxxxxxxx";
};
/etc/named.conf:
include "/etc/rndc.key";
controls {
inet 127.0.0.1 allow { any; } keys { "rndc"; };
};
options {
directory "/var/named";
};
/etc/rndc.conf:
options {
default-server localhost;
default-key rndc;
};
key "rndc" {
algorithm hmac-md5;
secret "xxxxxxxxxxxxxxxxxxxxxxxx";
};
--
Mark Andrews, Nominum Inc.
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark.Andrews at nominum.com
More information about the bind-users
mailing list