On Sun, Aug 12, 2012 at 2:15 AM, Nate Itkin <bind-us...@konadogs.net> wrote: > On Sun, Aug 12, 2012 at 01:17:11AM +0800, GS Bryan wrote: >> How to exactly use the 'rndc signing -nsec3param' command? >> The usage seems to be 'rndc signing -nsec3param <parameters> <zone >> name>', but even the ARM doesn't say anything about what <parameters> >> exactly looks like. >> But from what I've glean from Uncle Google, an example command that >> looks like this: 'rndc signing -nsec3param 1 0 10 FFFF example.com' >> means:- >> - SHA-1 is used for hashing. >> - opt-out is turned off. >> - iteration is done 10 times. >> - the FFFF is the salt. >> Am I right? So what kind of command I should enter if I were to use >> SHA-256 for hashing, opt-out is turned on, iteration is done 15 times, >> and salt is FFFFFF? >> Does it looks like this: 'rndc signing -nsec3param 2 1 15 FFFFFF >> example.com' ? >> >> -- >> Bryan S.G. > > > Yes. See "man nsec3hash" > > -- > Nate Itkin
Oh, but from the manpage, it says only SHA-1 is supported for hashing, is that correct? No other algorithms? -- Bryan S.G. _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users