Blame example.com.key.conf
|
Fabio Alessandro Locati |
05a4b5a |
# Secret keys for TSIGs that secure zone transfers.
|
|
Fabio Alessandro Locati |
05a4b5a |
# You could include: "secret.keys" and put the 'key:' statements in there,
|
|
Fabio Alessandro Locati |
05a4b5a |
# and give that file special access control permissions.
|
|
Fabio Alessandro Locati |
05a4b5a |
#
|
|
Fabio Alessandro Locati |
05a4b5a |
# key:
|
|
Fabio Alessandro Locati |
05a4b5a |
# The key name is sent to the other party, it must be the same
|
|
Fabio Alessandro Locati |
05a4b5a |
#name: "keyname"
|
|
Fabio Alessandro Locati |
05a4b5a |
# algorithm hmac-md5, or hmac-sha1, or hmac-sha256 (if compiled in)
|
|
Fabio Alessandro Locati |
05a4b5a |
#algorithm: hmac-sha256
|
|
Fabio Alessandro Locati |
05a4b5a |
# secret material, must be the same as the other party uses.
|
|
Fabio Alessandro Locati |
05a4b5a |
# base64 encoded random number.
|
|
Fabio Alessandro Locati |
05a4b5a |
# e.g. from dd if=/dev/random of=/dev/stdout count=1 bs=32 | base64
|
|
Fabio Alessandro Locati |
05a4b5a |
#secret: "K2tf3TRjvQkVCmJF3/Z9vA=="
|