Cannot use dnssec-settime with old keys

Hauke Lampe list+bindusers at hauke-lampe.de
Thu Feb 25 09:47:58 UTC 2010


Stephane Bortzmeyer wrote:

> And strace (Debian/Linux box) shows that key files were opened only in
> read-only and no file was opened for writing:
> 
> % strace dnssec-settime -f -v 3 Ktoto.fr.+008+42555 |& grep open
> 
> Did anyone managed to use dnssec-settime -f ? 

Yes. The key file format is upgraded on write operations only.

For example, try:
> dnssec-settime -P+0 -A+0 -f -v 3 Ktoto.fr.+008+42555


Hauke.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 197 bytes
Desc: OpenPGP digital signature
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20100225/3c3ec2a8/attachment.bin>


More information about the bind-users mailing list