-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 28.07.14 19:09 Evan Hunt wrote: > On Mon, Jul 28, 2014 at 06:16:13PM +0200, Johannes Kastl wrote:
>> So basically BIND cannot do that for me, each time it does a key >> rollover. That's what I wanted to know. > > "rndc signing -nsec3param" can change your salt. Specifying "auto" > as the salt causes named to generate a salt at random. Good to know. > There's currently no way to schedule it the way you can schedule > key rollovers, but you can put it in a crontab. As I said, knowing that BIND does not do that automatically and I have to put it in a crontab is exactly what I wanted to know... Thanks for the answer. Regards, Johannes - -- Sex is like hacking. You get in, you get out, and you hope you didnt leave something behind that can be traced back to you. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 Comment: Using GnuPG with SeaMonkey - http://www.enigmail.net/ iEYEARECAAYFAlPWqDkACgkQzi3gQ/xETbLIQACfUmKFDj49mPw9/WQacLDHjECR NjkAn0j++xb8pVQm/X/VeUOQ87RNQDOO =5Fk7 -----END PGP SIGNATURE----- _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
