[BIND] RE: KSK Rollover
Mark Elkins
mje at posix.co.za
Fri Sep 7 17:05:09 UTC 2018
I'm aware of: rndc managed-keys status
I'm also aware of: rndc secroots -
(a Hypen at the end of "rndc secroots" will send output to stdout)
I'm just not sure how long the 'hyphen' argument has been around for but
vaguely remember a similar discussion from long ago.
It looks like someone else also asked the same question but wasn't
allowed to change the default behaviour. :-(
So, if you are having issues running "rndc secroots", a quick suggestion
would be to try appending a 'hyphen' ('-') as an additional argument and
see if that helps.
On 09/07/2018 06:46 PM, Tony Finch wrote:
> Mark Elkins <mje at posix.co.za> wrote:
>
>> I kinda also wonder why the command simply doesn't output to stdout by
>> default.
> Historical reasons :-) BIND 9.11 and later have `rndc managed-keys` which
> is rather more user-friendly. I get the impression that the root rollover
> guides are using `rndc secroots` because that works in all the versions
> that support RFC 5011 so it ends up being simpler to explain.
>
> Tony.
--
Mark James ELKINS - Posix Systems - (South) Africa
mje at posix.co.za Tel: +27.128070590 Cell: +27.826010496
For fast, reliable, low cost Internet in ZA: https://ftth.posix.co.za
More information about the bind-users
mailing list