Re: auto update signatures dnssec

2010-12-29 Thread G.W. Haywood
Hi there, On Wed, 29 Dec 2010 Alan Clegg wrote: > In your named.conf, you should have "key-directory <...>;" defined. The > keys should be there (and readable by the named process). > > If you don't have a "key-directory" statement, then named will look in > the working directory from which the

Re: auto update signatures dnssec

2010-12-28 Thread Alan Clegg
On 12/28/2010 5:04 PM, fakessh @ wrote: >>> Dec 28 22:04:02 r13151 named-sdb[24511]: dns_dnssec_findzonekeys2: >>> error reading private key file fakessh.eu/DSA/9552: file not found >> >> It seems that the .key and .private files are not in the right place. > what is the right place ? In your na

Re: auto update signatures dnssec

2010-12-28 Thread fakessh @
Le mardi 28 décembre 2010 à 16:42 -0500, Alan Clegg a écrit : > On 12/28/2010 4:12 PM, fakessh @ wrote: > > named-sdb[24511]: /var/named/renelacroute.fr.hosts.jnl: create: > > permission denied > > Permissions are wrong on /var/named -- the named process needs to be > able to write into it. > >

Re: auto update signatures dnssec

2010-12-28 Thread Torinthiel
fakessh @ pisze: >>> zone "fakessh.eu" { >>> type master; >>> file "/var/named/fakessh.eu.hosts"; >>> auto-dnssec maintain; >>> update-policy local; >>> key-directory "/var/named/keyset-fakessh.eu"; >>> allow-transfer { 213.251.188.140;87.98.164.164;

Re: auto update signatures dnssec

2010-12-28 Thread fakessh @
sorry for the top box on alan clegg Le lundi 27 décembre 2010 à 08:48 -0500, Alan Clegg a écrit : > On 12/27/2010 1:07 AM, fakessh wrote: > > > good day and merry christmas. > > Thanks, and to you as well. > > > I just put in place guidelines in bind config to update the signatures > > dnssec >

Re: auto update signatures dnssec

2010-12-27 Thread Alan Clegg
On 12/27/2010 1:07 AM, fakessh wrote: > good day and merry christmas. Thanks, and to you as well. > I just put in place guidelines in bind config to update the signatures > dnssec > I'm looking for options that require the least amount of maintenace that > all updates of signatures are performed

auto update signatures dnssec

2010-12-26 Thread fakessh
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 hello bind network good day and merry christmas. I just put in place guidelines in bind config to update the signatures dnssec I'm looking for options that require the least amount of maintenace that all updates of signatures are performed without an

auto update signatures dnssec

2010-12-26 Thread fakessh @
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 hello bind network good day and merry christmas. I just put in place guidelines in bind config to update the signatures dnssec I'm looking for options that require the least amount of maintenace that all updates of signatures are performed without an