netbsd-users: Re: help with DDNS using BIND9/DHCPD

Subject: Re: help with DDNS using BIND9/DHCPD
To: None <netbsd-users@NetBSD.org>
From: Matthias Scheler <tron@zhadum.de>
List: netbsd-users
Date: 01/06/2005 08:56:47

In article <1c42f0e050105163712b01cf0@mail.gmail.com>,
	Amadeus Stevenson <amadeus.stevenson@gmail.com> writes:
> I ran rndc-confgen initially and kept the hmac-md5 key suggested:

Are you sure that this key can be used for DDNS updates, too?
I think you need to create one with "dnssec-keygen".

> /etc/rndc.conf:
> key "rndc-key" {
>         algorithm hmac-md5;
>         secret "md5hash...==";
> };

I've got the DDNS key in a file called "dns.keys" which is included
by "named.conf" and "dhcpd.conf". This avoids having to store the key
at two locations. And my key looks like this:

key intranet.zhadum.de {
        algorithm HMAC-MD5.SIG-ALG.REG.INT;
        secret [...];
};

I'm not sure if that means it uses a different algorythm.

	Kind regards

-- 
Matthias Scheler                                  http://scheler.de/~matthias/