BIND-8.2.3-REL I am trying TSIG for two of my servers using the instructions from: http://www.oreilly.com/catalog/dns4/chapter/ch11.html [snip] ############################## TSIG Section ######################### server 62.8.64.4 { keys { longonot-ns2.wananchi.com; }; }; [/snip] On the primary I have this config, via an $include: key longonot-ns2.wananchi.com { algorithm hmac-md5; secret "some_thing_here"; }; And I have this in the primary server: wash@ns2 ('tty') /etc/namedb/s 59 -> ls -al total 14 drwxr-xr-x 2 root wheel 512 Sep 14 18:29 . drwxr-xr-x 3 root wheel 9216 Sep 14 18:24 .. -rw-r--r-- 1 root wheel 60 Sep 14 16:40 Klongonot-ns2.wananchi.com.+157+00000.key -rw------- 1 root wheel 77 Aug 10 18:08 Klongonot-ns2.wananchi.com.+157+00000.private -rw-r--r-- 1 root wheel 223 Sep 14 17:12 dns-keys.conf -rw-r--r-- 1 root wheel 6 Sep 14 18:29 named.pid Have I missed something?? When I reload the slave server, I get Sep 14 17:03:32 longonot named[174]: reloading nameserver Sep 14 17:03:32 longonot named[174]: /etc/namedb/named.conf:34: unknown key 'Klongonot-ns2.wananchi.com.+157+00000.key' Sep 14 17:03:32 longonot named[174]: /etc/namedb/named.conf:34: empty key not added to server list Sep 14 17:03:32 longonot named[174]: Ready to answer queries. I also try, wash@longonot ('tty') /etc/namedb/ 60 -> nsupdate -k /etc/namedb/:longonot-ns2.wananchi.com Klongonot-ns2.wananchi.com.+157+00000.key -v dst_read_key: error reading key I have copied the key to the slave server with the same name! TIA -Wash -- Odhiambo Washington Wananchi Online Ltd., wash@wananchi.com 1st Flr Loita Hse. Tel: 254 2 313985 Loita Street., Fax: 254 2 313922 PO Box 10286,00100-NAIROBI,KE. Humor is a drug which it's the fashion to abuse. -William Gilbert -- Attached file included as plaintext by Listar -- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE7oinPn7LIsuxjem8RAjr8AJsHHmpTLq3G3Mr2Ql1Wvfy42wrWUQCfQjfj w+yQJoHsQ16YDrNqbbfhGqg= =Ftqs -----END PGP SIGNATURE-----