Format of 'dig -k' "TSIG key file"?
Joseph S D Yao
jsdy at tux.org
Fri Jul 31 21:22:55 UTC 2009
On Fri, Jul 31, 2009 at 01:43:58PM +0200, Mark Elkins wrote:
> On Thu, 2009-07-30 at 17:40 -0400, Joseph S D Yao wrote:
>
> > What does work is:
> > dig -y mynet.:Ain/tGonnaTellNoWay== axfr example.zone @other.example.zone
> > but I really, really find this not altogether pleasant.
>
> This gets a bit more funkie when you are not using the default
> key-algorithm of hmac-md5 - which you probably should not be using any
> more...
...
As I mentioned, I must have missed the notice to ignore the manual
entries and books that say that only HMAC-MD5 must be used. When was
that?
...
> I'd like to see intelligence that allows 'dig' to look inside the
> 'named.conf' file (following any "include" statements) for the same key
> info that 'named' uses.
...
Which is why I tried that file first, ;-)
Well, why don't you or I just add that to 'dig'? It shouldn't be that
hard to do! Maybe this weekend, if I can squeeze in time between
daughter's birthday and whatever else that was I was scheduled to do by
loving family... ;-) [fix Mom's printer, M-i-L's cable internet,
etc.]
--
/*********************************************************************\
**
** Joe Yao jsdy at tux.org - Joseph S. D. Yao
**
\*********************************************************************/
More information about the bind-users
mailing list