Re: auto update signatures dnssec

2010-12-29 Thread G.W. Haywood
Hi there, On Wed, 29 Dec 2010 Alan Clegg wrote: > In your named.conf, you should have "key-directory <...>;" defined. The > keys should be there (and readable by the named process). > > If you don't have a "key-directory" statement, then named will look in > the working directory from which the

Re: auto update signatures dnssec

2010-12-28 Thread Alan Clegg
On 12/28/2010 5:04 PM, fakessh @ wrote: >>> Dec 28 22:04:02 r13151 named-sdb[24511]: dns_dnssec_findzonekeys2: >>> error reading private key file fakessh.eu/DSA/9552: file not found >> >> It seems that the .key and .private files are not in the right place. > what is the right place ? In your na

Re: auto update signatures dnssec

2010-12-28 Thread fakessh @
Le mardi 28 décembre 2010 à 16:42 -0500, Alan Clegg a écrit : > On 12/28/2010 4:12 PM, fakessh @ wrote: > > named-sdb[24511]: /var/named/renelacroute.fr.hosts.jnl: create: > > permission denied > > Permissions are wrong on /var/named -- the named process needs to be > able to write into it. > >

Re: auto update signatures dnssec

2010-12-28 Thread Torinthiel
fakessh @ pisze: >>> zone "fakessh.eu" { >>> type master; >>> file "/var/named/fakessh.eu.hosts"; >>> auto-dnssec maintain; >>> update-policy local; >>> key-directory "/var/named/keyset-fakessh.eu"; >>> allow-transfer { 213.251.188.140;87.98.164.164;

Re: auto update signatures dnssec

2010-12-28 Thread fakessh @
sorry for the top box on alan clegg Le lundi 27 décembre 2010 à 08:48 -0500, Alan Clegg a écrit : > On 12/27/2010 1:07 AM, fakessh wrote: > > > good day and merry christmas. > > Thanks, and to you as well. > > > I just put in place guidelines in bind config to update the signatures > > dnssec >

Re: auto update signatures dnssec

2010-12-27 Thread Alan Clegg
On 12/27/2010 1:07 AM, fakessh wrote: > good day and merry christmas. Thanks, and to you as well. > I just put in place guidelines in bind config to update the signatures > dnssec > I'm looking for options that require the least amount of maintenace that > all updates of signatures are performed