Talk:BIND, dynamic DNS
(oh) |
((added ~~~~~)) |
||
| Line 38: | Line 38: | ||
weird or just convenient? | weird or just convenient? | ||
| + | |||
| + | [[User:82.182.172.103|82.182.172.103]] 06:54, 20 August 2008 (EDT) | ||
Revision as of 06:54, 20 August 2008
variable set wrong?
in set-ddns.pl:
$KEYFILE should probably point to the key file, not the private file.
$KEYFILE = 'Kclient.server.net.+157+15661.private'; should read $KEYFILE = 'Kclient.server.net.+157+15661.key';
par non, complimenteré?
--User:82.182.172.103 17:41, 19 August 2008 (EDT)
nope. see man nsupdate
nsupdate uses the -y or -k option (with an HMAC-MD5 key) to provide the
shared secret needed to generate a TSIG record for authenticating
Dynamic DNS update requests. These options are mutually exclusive. With
the -k option, nsupdate reads the shared secret from the file keyfile,
whose name is of the form K{name}.+157.+{random}.private.
Kinda confusing, I know, but I'm not the one who made the confusion. (Note how the manpage itself refers to the file as "keyfile" in the argument examples; I'm just following the existing conventions by naming my own variable $KEYFILE.)
Reading on in the manpage:
For historical reasons, the file K{name}.+157.+{random}.key must also be
present.
So, there ya have it. =)
--Jimbo 22:59, 19 August 2008 (EDT)
oh
yes, there I have it (smiley).
however it seems that it does not matter which of the two files I feed to nsupdate -- it works in either case. indeed, nsupdate -k Kclient.server.net.+157+15661 (without the last part, notice) is valid too. well, at least this is true on the debian system I am testing this on.
weird or just convenient?
82.182.172.103 06:54, 20 August 2008 (EDT)
