In message <20090603165304.ga28...@csy.ca>, Shane Wegner writes:
> Hello,
>
> I am looking at setting up tkey between master and slave
> nameservers but have been unable to find documentation on
> how to get this going properly. In the bind9 manual, there
> is a whole section on TSIG and setting up shared secrets
> between servers but how does one do it the TKEY way? That
> is, not having to generate different keypairs per host?
It's not supported and I really can't see the need for it.
Mark
> >From what I've been able to figure out, the servers
> generate a keypair:
> gnssec-keygen -a dh -b 1024 -n host hostname
>
> and publish the result in a tkey-key configuration
> directive. But then how does one server recognize the
> other. How is access control done? Does the server just
> trust the keyname given to it by the other side?
>
> Shane
> _______________________________________________
> bind-users mailing list
> bind-users@lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
_______________________________________________
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
