Can't get rid of key

Mark Andrews marka at
Wed Mar 11 00:51:58 UTC 2020

So what do you still have related to the zone?  Have you examined the
contents of those files?  Some of them may be binary so grep won’t work.
Are you actually looking in the right place.  Are you running chroot?
Did you really stop named?  How is the zone defined in named.conf?


> On 11 Mar 2020, at 11:14, Alan Batie <alan at> wrote:
> I'm trying to clear a zone's dnssec records, or at least some of them -
> I removed the key files from the keys directory and removed the zone.*
> files (signed, jbk, jnl, etc) and restarted named.  I did a recursive
> grep for the key id in question in /var/named and it's nowhere to be
> found, yet, after restarting named, the dnskey record returns, and the
> other records have corresponding rrsig records.  Where else could the
> key be coming from?  Thanks...
> _______________________________________________
> Please visit to unsubscribe from this list
> bind-users mailing list
> bind-users at

Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742              INTERNET: marka at

More information about the bind-users mailing list