blob: bf2e3d1592a3d66b6ca4054e208cb33fe6bd0421 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
|
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
<HEAD>
<TITLE>BIND key Statement</TITLE>
</HEAD>
<BODY>
<H2>BIND Configuration File Guide--<CODE>key</CODE> Statement</H2>
<HR>
<A NAME="Syntax"><H3>Syntax</H3></A>
<PRE>
key <VAR>key_id</VAR> {
algorithm <VAR>algorithm_id</VAR>;
secret <VAR>secret_string</VAR>;
};
</PRE>
<HR>
<A NAME="Usage"><H3>Definition and Usage</H3></A>
<P>The <CODE>key</CODE> statement defines a key ID which can be used
in a <A HREF="server.html"><CODE>server</CODE></A> statement to
associate an authentication method with a particular name server.
<P>A key ID must be created with the <CODE>key</CODE>
statement before it can be used in a <CODE>server</CODE>
definition or an address match list.</P>
<P>The <VAR>algorithm_id</VAR> is a string that specifies a
security/authentication algorithm. The only supported
algorithm is "hmac-md5".
<P><VAR>secret_string</VAR> is the secret to be used by the algorithm,
and is treated as a base-64 encoded string. This may be generated
using dnskeygen or another utility or created manually.
<P>The <CODE>key</CODE> statement is intended for use in transaction
security. Unless included in a <A HREF="server.html"><CODE>server</CODE></A>
statement, it is not used to sign any requests. It is used to verify
requests matching the <VAR>key_id</VAR> and <VAR>algorithm_id</VAR>,
and sign replies to those requests.
<HR>
<CENTER><P>[ <A HREF="config.html">BIND Config. File</A>
| <A HREF="http://www.isc.org/products/BIND/">BIND Home</A>
| <A HREF="http://www.isc.org/">ISC</A> ]</P></CENTER>
<HR>
<ADDRESS>
Last Updated: $Id: key.html,v 1.10 1999/09/15 20:28:02 cyarnell Exp $
</ADDRESS>
</BODY>
</HTML>
|
