DHCPD - BIND DDNS: dnssec-keygen hmac-md5 removed

moo can moocan2112 at yahoo.fr
Fri Apr 10 23:52:12 UTC 2020

For educational purpose I need to setup an DDNS between DCHPD and BIND.
Everywhere, debian, zytrax, freeipa, veritas ... use dnssec-keygen.Zytrax: 
dnssec-keygen -a HMAC-SHA512 -b 512 -n HOST keyname

dnssec-keygen -a HMAC-MD5 -b 128 -n HOST example.com.

dnssec-keygen -a HMAC-MD5 -b 128 -r /dev/urandom -n USER DDNS_UPDATE
HMAC-* support seems to have been removed from dnssec-keygen

It seems we need to use tsig-keygen but it is not clear.

I try to follow this guide from debian https://wiki.debian.org/DDNS#How_to_set_up_DDNS as example but there is no -n USER or -n HOST option with tsig-keygen.

I do not find any clear example.

Thanks you in advance for your help.

Kind Regards

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20200410/89857d56/attachment.htm>

More information about the bind-users mailing list