values.
webmin module provide correct support to resignzone
thanks also to automatic resign
--
http://pgp.mit.edu:11371/pks/lookup?op=getsearch=0x092164A7
gpg --keyserver pgp.mit.edu --recv-key 092164A7
http://urlshort.eu fakessh @
pgpdF2sY8w6Ua.pgp
Description: PGP signature
Le vendredi 22 avril 2011 04:20, Security Admin (NetSec) a écrit :
I am running BIND 9.4.2-P2 on OpenBSD v4.8
I have created the ZSK and KSK and added the keys to my zonefile
mydomain.hosts using the cat command to append to the end of the host
file.
When attempting to use the following
the implementation of resolution dnssec for the bind dns dry this
natively in the distribution centos 5.5 is feasible
try a simple config
Le vendredi 08 avril 2011 à 18:38 +0200, fddi a écrit :
Hello,
I was trying to add DLZ support to bind on CentOS 5.5 so it's
bind-9.3.6-4.P1.el5_5
I
hello bind guru
I realized that you could mix dns seconday with or without dnssec is
possible
the script of the isc answers simply a warning to be validated
--
gpg --keyserver pgp.mit.edu --recv-key 092164A7
http://pgp.mit.edu:11371/pks/lookup?op=getsearch=0x092164A7
signature.asc
it is, I'm coming I do not understand the need to recreate and validate
the file keyset-en ... I then recreate a good record with the key in
this file and my past signatures are good. I did not understand
correctly the operation of dlv
keyset files and I recreated downgrade bind to the
/vwwMCTgNboMQKtUdvNXDrYJDSHZws3x
iRXF1Rf+al9UmZfSav/4NWLKjHzpT59k/VStTDN0YUuWrBNh
and the other key include in the tarvall of bind
Le dimanche 27 mars 2011 à 14:59 +1100, Mark Andrews a écrit :
Mark Andrews writes:
In message 1301008426.12273.115.camel@localhost.localdomain, fakessh @
wr
ites
in insurance I googled
no result
how to do this ...
nb : i reajust my blog immediately
Le lundi 28 mars 2011 à 03:43 +1100, Mark Andrews a écrit :
In message 1301241108.12273.192.camel@localhost.localdomain, fakessh @
writ
es:
i use the key
BEPHMu/5onzrEE7z1egmhg/WPO0
can not validate my own
I have the answer about the DS field. ovh do not want to do and they say RTFM
and desmerdevous
and i requote
how to do this ... the SEP record
Le dimanche 27 mars 2011 à 20:08 +0200, Torinthiel a écrit :
On 03/27/11 19:09, fakessh @ wrote:
in insurance I googled
I removed the dns that does not support dnssec
Now it is necessary to wait a day or two
Le dimanche 27 mars 2011 à 20:58 +0200, Torinthiel a écrit :
On 03/27/11 20:45, fakessh @ wrote:
That would be the key with id 47103 in your case. The one that has SEP
flag, the one that only signs
dns appear as my syncro.
yet I'm still at the same point
missing keys
Le lundi 28 mars 2011 à 00:45 +0200, fakessh @ a écrit :
I removed the dns that does not support dnssec
Now it is necessary to wait a day or two
Le dimanche 27 mars 2011 à 20:58 +0200, Torinthiel a écrit :
On 03/27
hi bind //guru/
hi isc guru
hi mark andrews
hi michel graff
despite my efforts to validate isc dlv. I'm always at the same point I
can not validate the keys. error below the script isc
SUCCESS 94.23.59.30 answered DNSKEY query with rcode NOERROR
3.345:SUCCESS 87.98.186.232 answered DNSKEY query
Le vendredi 25 mars 2011 à 08:24 +1100, Mark Andrews a écrit :
In message 1300993213.12273.96.camel@localhost.localdomain, fakessh @
write
s:
hi bind //guru/
hi isc guru
hi mark andrews
hi michel graff
There are no DLV records for fakessh.eu. See below.
There are no DS records
everything worked just fine until I change the key rdnc. ns in my side
and only ns1.novacrea.fr ns1.xname.org are valid for dnssec
Le jeudi 24 mars 2011 à 23:02 +0100, fakessh @ a écrit :
Le vendredi 25 mars 2011 à 08:24 +1100, Mark Andrews a écrit :
In message 1300993213.12273.96.camel
the DS it is necessary that I contact OVH.
in the DLV conserne my problem I have this same recurring errors in the
script of the isc
that's my problem
Le vendredi 25 mars 2011 à 09:24 +1100, Mark Andrews a écrit :
In message 1301004136.12273.106.camel@localhost.localdomain, fakessh @
writes
it is 6 months since I used no worries dlv
Le jeudi 24 mars 2011 à 23:21 +0100, fakessh @ a écrit :
everything worked just fine until I change the key rdnc. ns in my side
and only ns1.novacrea.fr ns1.xname.org are valid for dnssec
Le jeudi 24 mars 2011 à 23:02 +0100, fakessh @ a écrit
@localhost.localdomain, fakessh @
writes:
it is 6 months since I used no worries dlv
What keys do you have recorded with dlv.isc.org?
Do they match what you currently have in the zone?
Click on ManageZones
Click on (details)
Under More click on (details)
Below is a check run for my
http://secspider.cs.ucla.edu/fakessh-eu--dnskey.txt
this page indicate a DSA algorhtyme
it's my old algorthyme
new is RSA
Le vendredi 25 mars 2011 à 01:25 +0100, fakessh @ a écrit :
I did click Click ManageZones
Click on (details)
Click under More (more)
performance test
the total
Le vendredi 25 mars 2011 à 09:24 +1100, Mark Andrews a écrit :
In message 1301004136.12273.106.camel@localhost.localdomain, fakessh @
writes:
Le vendredi 25 mars 2011 =C3=A0 08:24 +1100, Mark Andrews a =C3=A9crit :
In message 1300993213.12273.96.camel@localhost.localdomain, fakessh
2011 à 02:30 +0100, fakessh @ a écrit :
I changed options
update-policy {
grant fakessh.eu. name fakessh.eu. A TXT;
};
since
update-policy {
grant * self * A TXT;
};
Le mardi 22 mars 2011 à 14:59 +0100, fakessh @ a écrit :
hi bind guru
It appears
I use and bind rndc and dlv isc for dnssec
my zone config like this
zone renelacroute.fr {
type master;
file /var/named/renelacroute.fr.hosts;
auto-dnssec maintain;
update-policy local;
key-directory /var/named/keys/;
allow-transfer {
hi isc
hi list
hi guru of bind
errors continue to recur rndc-key expired
But I apply the command for create the key
dnssec-keygen -a HMAC-MD5 -b 512 -n HOST rndc-key
Le mercredi 23 mars 2011 à 16:24 +0100, fakessh @ a écrit :
I use and bind rndc and dlv isc for dnssec
my zone config like
hi guru
I'm walking on the same server rndc and named
Le mercredi 23 mars 2011 à 14:46 -0400, Joseph S D Yao a écrit :
What is this??? To: fakessh @ fake...@fakessh.eu
On Tue, Mar 22, 2011 at 02:59:22PM +0100, fakessh @ wrote:
hi bind guru
It appears after the log that my
I can wait how long before this ends?
Le mercredi 23 mars 2011 à 14:46 -0400, Joseph S D Yao a écrit :
What is this??? To: fakessh @ fake...@fakessh.eu
On Tue, Mar 22, 2011 at 02:59:22PM +0100, fakessh @ wrote:
hi bind guru
It appears after the log that my signature rndc-key
hi bind guru
It appears after the log that my signature rndc-key has expired. how to
update it
--
gpg --keyserver pgp.mit.edu --recv-key 092164A7
http://pgp.mit.edu:11371/pks/lookup?op=getsearch=0x092164A7
signature.asc
Description: Ceci est une partie de message numériquement signée
I changed options
update-policy {
grant fakessh.eu. name fakessh.eu. A TXT;
};
since
update-policy {
grant * self * A TXT;
};
Le mardi 22 mars 2011 à 14:59 +0100, fakessh @ a écrit :
hi bind guru
It appears after the log that my signature rndc-key has expired. how
I managed to walk isc dlv with only 2 servers with active dnssec above.
and I quote ns1.novacrea.fr and ns1.xname.org.
it produced no problem before
Le lundi 21 mars 2011 à 07:45 +0100, Torinthiel a écrit :
On 03/21/11 02:13, fakessh @ wrote:
Yes, I bothered to redeploy new keys, fields TXT
hello bind network and duru.
I can not validate the key dlv via the website of the isc.
I do not understand why the warning is the isc
you have an explanation
SUCCESS 94.23.59.30 answered DNSKEY query with rcode NOERROR
4.502:SUCCESS 87.98.164.164 answered DNSKEY query with rcode NOERROR
and what do I do.
and what is this other publication of another DS
Le lundi 21 mars 2011 à 08:25 +1100, Mark Andrews a écrit :
In message 1300650238.6651.15.camel@localhost.localdomain, fakessh @
writes
:
hello bind network and duru.
I can not validate the key dlv via the website
Le dimanche 20 mars 2011 à 22:47 +0100, Torinthiel a écrit :
On 03/20/11 22:33, fakessh @ wrote:
and what do I do.
You have to add your key to ISC's DLV registry. Go to dlv.isc.org,
create account, login, add a zone, add keys for it and publish a record
in your zone validating
Le lundi 21 mars 2011 à 10:58 +1100, Mark Andrews a écrit :
In message 1300660825.6651.21.camel@localhost.localdomain, fakessh @
writes
that's what I did
I made =E2=80=8B=E2=80=8Ba post on my blog explaining how I do
goo.gl/EAbCB
Have you changed your DNSKEY's since you did
.camel@localhost.localdomain, fakessh @
writes
:
Le dimanche 20 mars 2011 =C3=A0 22:47 +0100, Torinthiel a =C3=A9crit :
On 03/20/11 22:33, fakessh @ wrote:
and what do I do.=20
=20
You have to add your key to ISC's DLV registry. Go to dlv.isc.org,
create account, login, add
hi bind network
hi guru of bind
is there a special key DNSKEY for areas zone .eu
or should we be satisfied keys included in the tarball of bind
thanks for your return
--
gpg --keyserver pgp.mit.edu --recv-key 092164A7
http://pgp.mit.edu:11371/pks/lookup?op=getsearch=0x092164A7
I recompile the source rpm fedora core 14 bind 9.7.3 to EL4 and EL5
with koji see my blog for explanations
http://fakessh.eu/2011/03/10/bind-9-7-3-sur-centos-5-5-depuis-rpm-source-fecora-14/
Le mardi 15 mars 2011 à 09:45 -0400, Mike Diggins a écrit :
I'm about to transition my name servers
hello bind guru and list
How is it necessary to have a secondary dns ipv6 to properly establish a
connection ipv6
thanks for your return
--
gpg --keyserver pgp.mit.edu --recv-key 092164A7
http://pgp.mit.edu:11371/pks/lookup?op=getsearch=0x092164A7
signature.asc
Description: Ceci est une
Le mardi 01 mars 2011 à 09:34 +0100, Laurent Bauer a écrit :
On 28/02/2011 23:35, fakessh @ wrote:
This is not handled yet. The .FR zone has been signed since september
2010, but submitting DS for child zones will be supported later this year.
See http://operations.afnic.fr for more
a solution
nb : I publish on my blog a little article on dnssec
http://fakessh.eu/2011/02/16/faire-marcher-dnssec-sur-son-serveur/
Le mardi 01 mars 2011 à 21:00 +0100, Torinthiel a écrit :
On 03/01/11 20:17, fakessh @ wrote:
is the repeat isc dlv seems to accept the flag DS
in my case i have
Le lundi 28 février 2011 à 20:14 +0100, Laurent Bauer a écrit :
Eivind Olsen wrote:
Well, I see a few different errors for that domain:
I don't see any DS records for your domain when I query the fr.
nameservers. I don't know how it's handled in that TLD but I guess
you somehow
Le lundi 24 janvier 2011 00:04, vous avez écrit :
At this stage I think you will need to post the zone so we can see
what you have done. Also the named.conf zone clause for ovh.net.
Marc thank you for your attention as you bear me, thank you very humbly
i paste my named.conf and the zone
thank you for this very constructive reflection. I just changed the zone
r13151.ovh.net it contained only fields ptr ns and I just added a field
and . I increment the serial then all and apply rndc reload flush
reconfig sign all zone
dig answer now seems
r13151 ~]# dig +short
hello
administrators bind. How is it necessary to have a secondary dns server
ipv6 in to establish a connection ipv6. I like ipv6 me and one of
someone else yet I can not properly establish connections ipv6 I do not
even know if I r13151.ovh.net answer properly in ipv6
sincerely
--
gpg
hello
I tried to make a simple box ipv6 r13151.ovh.net did not I know about
registration . my domain names such fakessh.eu owns a recording
well.
how to properly configure a zone ipv6
thanks
Le dimanche 23 janvier 2011 à 03:41 +0100, Eivind Olsen a écrit :
administrators bind. How
. fakessh.eu
and perform a complete resignatures area zone
this should enable me to have the flag DS and DS sign, DLV and DLV sign
in my area zone
its right
thanks for your return many return are welcome
Le jeudi 13 janvier 2011 à 12:36 -0500, Paul Wouters a écrit :
On Thu, 13 Jan 2011, fakessh
hello bind network
hello dnssec network admin.
I correctly configure my server centos dnssec on with as a
representative of encryptions dlv isc. my question is relevant and was
already asked but I have not found the complete answer on google. my
question is how to include the DS record in the
create slave zone with ptr and master zone
is documented with the manual
anonymous
Le mardi 04 janvier 2011 à 07:32 -0800, online-reg a écrit :
Hi All: I have a /28 that was supposed to be delegated to my NS by my
ISP.
How can I check that it is correctly delegated? I have the
in-addr.arpa
Le mardi 04 janvier 2011 à 08:33 -0800, online-reg a écrit :
Hi All: I have a /28 that was supposed to be delegated to my NS by my
ISP.
How can I check that it is correctly delegated? I have the in-addr.arpa
zone
configured in my NS and it resolves properly when I test it
Le mardi 28 décembre 2010 à 16:42 -0500, Alan Clegg a écrit :
On 12/28/2010 4:12 PM, fakessh @ wrote:
named-sdb[24511]: /var/named/renelacroute.fr.hosts.jnl: create:
permission denied
Permissions are wrong on /var/named -- the named process needs to be
able to write into it.
Dec 28
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
hello bind network
I just realized that my version of bind and vulnerable and I'm wondering
if by upgrading to version 9.5.2-P4 I would always be vulnerable
i use centos 5.5 and use
http://www.pramberger.at/peter/services/repository/rhel5/
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Le 14.12.2010 19:28, fakessh @ a écrit :
hello bind network
I just realized that my version of bind and vulnerable and I'm wondering
if by upgrading to version 9.5.2-P4 I would always be vulnerable
i use centos 5.5 and use
http
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Le 09.12.2010 23:26, Matus UHLAR - fantomas a écrit :
In message 20101209220716.ga2...@fantomas.sk, Matus UHLAR - fantomas
writes:
pardon my ignorance if this has been discussed (haven't notice), but
if BIND is configured to automatically sign
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Le 10.12.2010 00:24, Matus UHLAR - fantomas a écrit :
On 09.12.10 23:45, fakessh @ wrote:
webmin implement the mecanism of resign zones
good to know, but our system fille DNS data using some automatic processes
from more sources and I don't
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
hello bind network
hello guru of bind
hello everybody
i have all a slice of ipv6 address 2001:41D0:2:3Dd6::/64
and I would simply change it with my bind ipv6
please you have to be in your answer or I will not understand
Please give concrete examples
hello all
hello bind network
I am having problems with my dk and dkim signature of my emails
I have successfully made the process of verification of signatures dnssec
all my domains are correct and good displays on dlv.isc.org
the reason for my problem just the reason that I have updated my
On Mon, 31 May 2010 05:25:56 +0200, fakessh fake...@fakessh.eu wrote:
hello all reader
hello bind network
I am having problems with my dk and dkim signature of my emails
I have successfully made the process of verification of signatures
dnssec
all my domains are correct and good displays
hello all reader
hello bind network
I am having problems with my dk and dkim signature of my emails
I have successfully made the process of verification of signatures dnssec
all my domains are correct and good displays on dlv.isc.org
the reason for my problem just the reason that I have updated
On Mon, 07 Dec 2009 19:07:19 +0100, Chris Hills c...@chaz6.com wrote:
It is back now.
it is up for me
https://www.isc.org/
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
I use bind, and I have a configuration that seems normal to me on my server
Here
fakessh.eu. IN MX 10fakessh.eu.
fakessh.eu. IN TXT v=spf1 ip4:94.23.60.255 mx mx:fakessh.eu ?all
problem is when I'm trying to configure my mail server via
56 matches
Mail list logo