GSS-TSIG support in BIND 9.5
Madhavi Phanse
pmadhavi at novell.com
Thu Jan 3 14:04:13 UTC 2008
Hi,
I've have few queries about the GSS-TSIG support in BIND 9.5
To enable named to work with this support, is it that you need to specify the GSS key in the zone as below:
key my-gss-key
{
algorithm gss-tsig;
key sjkgoeto..;
}
example.com{
..
..
allow-update {key my-gss-key;}
}
How to generate the gss-tsig key in that case?
Is there any tool available to generate a gss-tsig key like dnssec-tsig?
Or do you specify the /etc/key.tab file in place of zone key above? How is the key expiration handled in that case?
If this is not write way to specify the GSS-TSIG algorithm, can you correct me for the same?
Thanks in advance,
Madhavi
More information about the bind-users
mailing list