Setting up tkey
Niall O'Reilly
Niall.oReilly at ucd.ie
Thu Jun 4 08:38:09 UTC 2009
Shane Wegner wrote:
> Hello,
>
> I am looking at setting up tkey between master and slave
> nameservers but have been unable to find documentation on
> how to get this going properly. In the bind9 manual, there
> is a whole section on TSIG and setting up shared secrets
> between servers but how does one do it the TKEY way? That
> is, not having to generate different keypairs per host?
I'm not sure why you think you would _need_ different
key[pair]s per host. I take care not to share the
same secret with more than one organization. That way,
each distinct trust relationship has a specific secret,
but we, as well as any organization carrying multiple
zone instances for us, are spared the administrative
overhead of managing too many secrets.
ATB
Niall O'Reilly
University College Dublin IT Services
More information about the bind-users
mailing list