dhcp, ddns nsupdate regular user
Chris Cox
chris_cox at stercomm.com
Thu Feb 13 22:30:36 UTC 2003
Hugh Jass wrote:
...snip...
In my named.conf file I have the line:
>
> allow-update { localhost; };
>
> What I just discovered is that that allows my regular users to be able
> to update the zones that I allow updates.
..snip...
> What's the best way to go about securing a name server that's updated
> by dhcp against regular users?
>
Use signed updates where the key is protected from general
use. Look for info about TSIG in the docs.
More information about the bind-users
mailing list