bind 9.3.1 available

syaodzir syaodzir at yahoo.co.uk
Sun Apr 24 10:47:26 PDT 2005


It doesn't need the security patch as the issue has been resolved in
bind 9.3.1.
The pakage installs no problem with the current commands (just change
version numbers).

As a suggestion you could use in /home/named/etc/named.conf:

key "rndc_key" {
     algorithm hmac-md5;
     include "/etc/rndc.key";
 };

and in /home/named/etc/rndc.conf

algorithm "hmac-md5";
    secret
    include "/etc/rndc.key";
    };

The /home/named/etc/rndc.key file would contain the single line:

secret "[Insert secret from rndc-confgen's output here]";

The rndc.key file would be chown root:named and chmod 640
so that only root can read/write to it and named can read it.
at the moment the key is world readable :o

You could of course just chmod 770 /home/named after the 
chown -R named.named /home/named command ;)

Personally i like having the key in a separate file for convinience. 

rgds






More information about the blfs-dev mailing list