hello bind network hello dnssec network admin.
I correctly configure my server centos dnssec on with as a representative of encryptions dlv isc. my question is relevant and was already asked but I have not found the complete answer on google. my question is how to include the DS record in the Keys. my keys are in a separate folder. the DS record is already generated in I also wonder the utility of this good record given that my signatures are marked as good on dlv I read that a single include file in the keys was the right approach but I would like to have more precision on the proper conduct of this operation what file in the include directive must be accomplished and realize how well inclusion of the DS record (what should be the proper syntax on how to declare dlv isc) how to re-sign after the keys this is it the response on google for implement DS record with dnssec http://newsgroups.derkeiler.com/Archive/Comp/comp.protocols.dns.bind/2010-08/msg00054.html thanks for many returns who are welcome this is a relevant on my config of keys ~]# cat /var/named/dsset-fakessh.eu. fakessh.eu. IN DS 47103 3 1 CFEA04C5B91**************7F2DF5225E357 fakessh.eu. IN DS 47103 3 2 68096942650C1DD89D5**************************09F4F1CD348 4D8ED07B ~]# ls -al /var/named/keys total 8 drwxrwxr-x 2 root named 4096 jan 1 15:41 . drwxrwx--- 7 root named 4096 jan 1 15:34 .. lrwxrwxrwx 1 root named 28 jan 1 15:41 dsset-fakessh.eu. -> /var/named/dsset-fakessh.eu. lrwxrwxrwx 1 root named 34 jan 1 15:41 dsset-nicolaspichot.fr. -> /var/named/dsset-nicolaspichot.fr. lrwxrwxrwx 1 root named 33 jan 1 15:41 dsset-renelacroute.fr. -> /var/named/dsset-renelacroute.fr. lrwxrwxrwx 1 root named 29 jan 1 15:41 keyset-fakessh.eu. -> /var/named/keyset-fakessh.eu. lrwxrwxrwx 1 root named 35 jan 1 15:41 keyset-nicolaspichot.fr. -> /var/named/keyset-nicolaspichot.fr. lrwxrwxrwx 1 root named 34 jan 1 15:41 keyset-renelacroute.fr. -> /var/named/keyset-renelacroute.fr. lrwxrwxrwx 1 root named 37 jan 1 15:41 Kfakessh.eu.+003+47103.key -> /var/named/Kfakessh.eu.+003+47103.key lrwxrwxrwx 1 root named 41 jan 1 15:41 Kfakessh.eu.+003+47103.private -> /var/named/Kfakessh.eu.+003+47103.private lrwxrwxrwx 1 root named 37 jan 1 15:41 Kfakessh.eu.+003+59773.key -> /var/named/Kfakessh.eu.+003+59773.key lrwxrwxrwx 1 root named 41 jan 1 15:41 Kfakessh.eu.+003+59773.private -> /var/named/Kfakessh.eu.+003+59773.private lrwxrwxrwx 1 root named 43 jan 1 15:41 Knicolaspichot.fr.+003 +02473.key -> /var/named/Knicolaspichot.fr.+003+02473.key lrwxrwxrwx 1 root named 47 jan 1 15:41 Knicolaspichot.fr.+003 +02473.private -> /var/named/Knicolaspichot.fr.+003+02473.private lrwxrwxrwx 1 root named 43 jan 1 15:41 Knicolaspichot.fr.+003 +07246.key -> /var/named/Knicolaspichot.fr.+003+07246.key lrwxrwxrwx 1 root named 47 jan 1 15:41 Knicolaspichot.fr.+003 +07246.private -> /var/named/Knicolaspichot.fr.+003+07246.private lrwxrwxrwx 1 root named 42 jan 1 15:41 Krenelacroute.fr.+003 +01827.key -> /var/named/Krenelacroute.fr.+003+01827.key lrwxrwxrwx 1 root named 46 jan 1 15:41 Krenelacroute.fr.+003 +01827.private -> /var/named/Krenelacroute.fr.+003+01827.private lrwxrwxrwx 1 root named 42 jan 1 15:41 Krenelacroute.fr.+003 +57237.key -> /var/named/Krenelacroute.fr.+003+57237.key lrwxrwxrwx 1 root named 46 jan 1 15:41 Krenelacroute.fr.+003 +57237.private -> /var/named/Krenelacroute.fr.+003+57237.private -- gpg --keyserver pgp.mit.edu --recv-key 092164A7 http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x092164A7
signature.asc
Description: Ceci est une partie de message numériquement signée
_______________________________________________ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
