On Mon, Apr 20, 2015 at 4:33 PM, Evan Hunt <e...@isc.org> wrote:
> On Mon, Apr 20, 2015 at 04:17:57PM -0400, Warren Kumari wrote:
>> That page says (for BIND):
>> "Note: When using this config file you will probably need to delete
>> /var/named/21ce078705d04ca6324c1d0313fc08ea99f3cef6389a6744d40bd2d9d0cd7816.mkeys*
>> every time you restart BIND after missing a keyroll." (I'm not quite
>> sure how that filename was derived...)
>
> The misguided idea was to make a filename that would be unique for
> each view, but not to use the view name because those can contain
> characters that are illegal in file names (e.g., '/').  So it's a
> sha256 hash of the view name,

Cooooool! It looked like a hash of <something>, I was just too lazy to
go figure out what the <something> was. I was hoping it was a hash of
something funny...

> which is guaranteed to be a legal file
> name because it's all hexadecimal.  It's also guaranteed to be maximally
> confusing.
>
> As of BIND 9.10, it doesn't name files that way anymore.

Awww... Now that I know the secret you've gone and changed it.

W

> It'll still
> read an existing file using that naming format if it finds one, though.
>
> --
> Evan Hunt -- e...@isc.org
> Internet Systems Consortium, Inc.



-- 
I don't think the execution is relevant when it was obviously a bad
idea in the first place.
This is like putting rabid weasels in your pants, and later expressing
regret at having chosen those particular rabid weasels and that pair
of pants.
   ---maf
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Reply via email to