Prof. Dr. Michael Schefczyk wrote:
>
> The issue is that normal permissions in the key-directory are root:bind
> 0644 for the public key and root:bind 0600 for the private key. The
> issue disappears when setting the private key to 0644 also and that must
> be done before starting bind - before us
Thank you! Setting the .private files to 0640 does work as well and is
certainly more secure.
-Ursprüngliche Nachricht-
Von: bind-users [mailto:bind-users-boun...@lists.isc.org] Im Auftrag von Paul
Kosinski
Gesendet: Samstag, 3. März 2018 00:57
An: bind-users@lists.isc.org
Betreff: Re: D
Dear Mark,
I did get the issue resolved while setting up a test environment.
The issue is that normal permissions in the key-directory are root:bind 0644
for the public key and root:bind 0600 for the private key. The issue disappears
when setting the private key to 0644 also and that must be do
Dear Mark,
Thank you very much! No, chroot is not involved. Package debootstrap (required
for chroot as far as I understand) is not even installed.
It would be great to understand, what the error message:
warning: dns_dnssec_findzonekeys2: error reading private key file
fqdn/ECDSAP384SHA384/41
4 matches
Mail list logo
