Re: Centos7 poblems with dnssec-keygen

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]





On 12/24/2015 12:40 PM, Robert Moskowitz wrote:
I am reading:

https://www.centos.org/docs/5/html/Deployment_Guide-en-US/s1-bind-rndc.html

I have bind installed and default config running.  I have not applied my
customizations yet.  The first step I am taking is getting rndc.key
created.  So reading the guide I am trying to run (while logged in as
root, and in /etc):

dnssec-keygen -a hmac-md5 -b 256 -n HOST rndc.key

The system is just sitting there and doing nothing.  I have sshed as
another session and do not see any processing being done by dnssec-keygen.

Has anyone else done this?  Am I doing things in the right order? If it
works for others, then there is something wrong with my setup...

It's working fine for me.

I'm using the command ldns-keygen to generate keys though - e.g.

ZSK=`/usr/bin/ldns-keygen -a RSASHA1-NSEC3-SHA1 -b 1024 ${zone}`

and

KSK=`/usr/bin/ldns-keygen -k -a RSASHA1-NSEC3-SHA1 -b 2048 ${zone}`

ldns-keygen is from the ldns package.

Mine is currently all scripted and automated, has been for months - I started with an Ubuntu tutorial though, not CentOS documentation, and adapted it.

I'll have to look at the scripts I wrote more carefully when I get home (wonder if I should be using different than SHA1 now too? I'll have to research that)

--
-=-
Sent my from my laptop, may not be able to respond timely
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos



[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux