rndc signing -nsec3param
bind-users at konadogs.net
Sat Aug 11 18:15:34 UTC 2012
On Sun, Aug 12, 2012 at 01:17:11AM +0800, GS Bryan wrote:
> How to exactly use the 'rndc signing -nsec3param' command?
> The usage seems to be 'rndc signing -nsec3param <parameters> <zone
> name>', but even the ARM doesn't say anything about what <parameters>
> exactly looks like.
> But from what I've glean from Uncle Google, an example command that
> looks like this: 'rndc signing -nsec3param 1 0 10 FFFF example.com'
> - SHA-1 is used for hashing.
> - opt-out is turned off.
> - iteration is done 10 times.
> - the FFFF is the salt.
> Am I right? So what kind of command I should enter if I were to use
> SHA-256 for hashing, opt-out is turned on, iteration is done 15 times,
> and salt is FFFFFF?
> Does it looks like this: 'rndc signing -nsec3param 2 1 15 FFFFFF example.com' ?
> Bryan S.G.
Yes. See "man nsec3hash"
More information about the bind-users