nsupdate error reading key

Kevin Darcy kcd at daimlerchrysler.com
Fri Sep 21 19:56:17 UTC 2001


Bernd Dorn wrote:

> hello
>
> i have problems with reading the key via the -k option with bind8 nsupdate
>
> i'm running bind 9.1.3 on freebsd 4.3 stable
>
> i tried with the bind9 version of nsupdate and it works
>
> i need to get it running with the bind 8 version of nsupdate - so that i
> can use it on win32 - there seems to be no bind9 version for win32
>
> i tried the following:
> generate keys with dnskeygen
> generate keys with dnssec-keygen
>
> using: nsupdate -k /thepath:Kmonty.
>
> i get: dst_read_key: error reading key
>
> i tried all: with the dot, without the dot, the whole name of the key
> (both .private and .key) , chmod 777 on the keys ...
>
> i don't think that this is a server problem, because the client tries to
> read the key before trying to connect to the server

Check the documentation. The -k option takes the full pathname (no colons!)
of the key file. I use it that way all of the time.


- Kevin





More information about the bind-users mailing list