KSK Rollover
Brent Swingle
brent at havilandtelco.com
Thu Sep 6 17:34:21 UTC 2018
I recently received an email indicating that our DNS servers are not properly equipped for the planned KSK Rollover that is coming. It leads off with this line "On 11 October 2018, ICANN will change or "roll over" the DNSSEC key signing key (KSK) of the DNS root zone."
Reading through the email there are links on how to check our server setup and make adjustments. My specific question to the group is in regards to one of the steps outlined for checking the current configuration.
This is the link that outlines the server test steps:
https://www.icann.org/dns-resolvers-checking-current-trust-anchors
This is the command that does not work and the output received:
[root at ns2 ~]# rndc secroots
rndc: 'secroots' failed: permission denied
[root at ns2 ~]#
This are the versions that I am running:
[root at ns2 ~]# named -v
BIND 9.10.2-P4-RedHat-9.10.2-5.P4.fc22
Might anyone be able to tell me what adjustment I would need to make in order for this command to work properly so I can look at the output file and verify my config?
Thanks,
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20180906/bbc4866d/attachment.html>
More information about the bind-users
mailing list