manage managed-keys?
Evan Hunt
each at isc.org
Sat Jul 17 22:21:16 UTC 2010
> How do you manage "managed-keys"? I there a way to ask bind which key
> (for a given zone) is actually in use? Or is there a possibility to get
> rid of a trust anchor that found it's way into managed-keys.bind (short
> of stopping bind and editing managed-keys.bind)?
BIND 9.7.2 will introduce a command "rndc secroots" that dumps
a list of the current trust anchors for each view to a file.
To remove a key from managed-keys.bind, just remove the initial key
for that name from the managed-keys statement in named.conf and run
"rndc reconfig". Any keys found in managed-keys.bind that don't have
a matching key name in in named.conf are removed.
--
Evan Hunt -- each at isc.org
Internet Systems Consortium, Inc.
More information about the bind-users
mailing list