On Sun, Aug 12, 2012 at 01:17:11AM +0800, GS Bryan wrote: > How to exactly use the 'rndc signing -nsec3param' command? > The usage seems to be 'rndc signing -nsec3param <parameters> <zone > name>', but even the ARM doesn't say anything about what <parameters> > exactly looks like. > But from what I've glean from Uncle Google, an example command that > looks like this: 'rndc signing -nsec3param 1 0 10 FFFF example.com' > means:- > - SHA-1 is used for hashing. > - opt-out is turned off. > - iteration is done 10 times. > - the FFFF is the salt. > Am I right? So what kind of command I should enter if I were to use > SHA-256 for hashing, opt-out is turned on, iteration is done 15 times, > and salt is FFFFFF? > Does it looks like this: 'rndc signing -nsec3param 2 1 15 FFFFFF example.com' > ? > > -- > Bryan S.G.
Yes. See "man nsec3hash" -- Nate Itkin _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users