tsig indicates error
John Miller
johnmill at brandeis.edu
Fri Jul 24 16:07:09 UTC 2015
On Fri, Jul 24, 2015 at 11:52 AM, Mark Elkins <mje at posix.co.za> wrote:
> On Fri, 2015-07-24 at 15:44 +0000, Managed Pvt nets wrote:
> >
> >
> > On 24/07/2015 5:05:24 PM, "Alan Clegg" <alan at clegg.com> wrote:
> >
> > > Possible problems:
> > > Mismatched keys.
> > > Mismatched key names.
> > > Mismatched clocks.
> >
> > Most likely mismatched key. I have to figure out how to make sure my
> > master does not require TSIGs and my slave does not try to use them.
>
>
> TSIG is a step towards better security. Rather learn how to use it than
> go backwards. I see TSIG as a step towards DNSSEC...
>
I'm with Mark on this. TSIG isn't that tough to figure out--a couple hours
and you should have it down. Cricket/Paul's book, and Pro DNS and BIND 10
are good intros to the subject. I'm installing a copy of Debian 8.1 for
myself right now--I'm curious to see what the stock BIND config looks like
(we use RHEL here at the office).
John
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20150724/94a1c6ca/attachment.html>
More information about the bind-users
mailing list