给DNS设置KEY
来源:互联网 发布:mysql修改root密码 编辑:程序博客网 时间:2024/06/07 19:22
1.建立 keyfile[root@server mnt]# cd /mnt/[root@server mnt]#dnssec-keygen -a HMAC-MD5 -b 256 -n HOST westoskey ##设置加密, HMAC-MD5为加密方式,256 为加密字符大小,得在server机上敲键盘或者晃动鼠标[root@server mnt]# lsKwestoskey.+157+44239.key Kwestoskey.+157+44239.private westos.com.zone2.建立 key configfile[root@server mnt]# cp -p /etc/rndc.key /etc/westos.key ##复制加密模板[root@server mnt]# cat /mnt/Kwestoskey.+157+44239.key westoskey. IN KEY 512 3 157 Mfc12pxQDEFKoZfZwydWJBg1BMipCiWf1GN+VSeyNPY=[root@server mnt]# vim /etc/westos.keykey "westoskey" { ##注意修改 algorithm hmac-md5; secret "Mfc12pxQDEFKoZfZwydWJBg1BMipCiWf1GN+VSeyNPY=";};3.config dns[root@server mnt]# vim /etc/named.conf 43 include "/etc/westos.key"; ##必须在43行加[root@server mnt]# vim /etc/named.rfc1912.zones zone "westos.com" IN { type master; file "westos.com.zone"; allow-update { key westoskey; }; ##修改本行,设置加密方式更新};[root@server mnt]# systemctl restart named4. 检测[root@server mnt]# scp /mnt/Kwestoskey.+157+44239.* root@172.25.254.10:/mnt/root@172.25.254.10's password: Kwestoskey.+157+44239.key 100% 73 0.1KB/s 00:00 Kwestoskey.+157+44239.private 100% 185 0.2KB/s 00:00 在client[root@client ~]# cd /mnt/[root@client mnt]# lsKwestoskey.+157+44239.key Kwestoskey.+157+44239.private[root@client mnt]# nsupdate -k Kwestoskey.+157+44239.private > server 172.25.254.20> update add hello.westos.com 86400 A 172.25.254.111> send> quit[root@client mnt]# dig hello.westos.com; <<>> DiG 9.9.4-RedHat-9.9.4-14.el7 <<>> hello.westos.com;; global options: +cmd;; Got answer:;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 42215;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2;; OPT PSEUDOSECTION:; EDNS: version: 0, flags:; udp: 4096;; QUESTION SECTION:;hello.westos.com. IN A;; ANSWER SECTION:hello.westos.com. 86400 IN A 172.25.254.112;; AUTHORITY SECTION:westos.com. 86400 IN NS dns.westos.com.;; ADDITIONAL SECTION:dns.westos.com. 86400 IN A 172.25.254.20;; Query time: 0 msec;; SERVER: 172.25.254.20#53(172.25.254.20);; WHEN: Tue May 09 06:33:43 EDT 2017;; MSG SIZE rcvd: 95
2 0
- 给DNS设置KEY
- 给服务器设置DNS
- 设置DNS
- 设置 DNS
- 设置dns
- 给按钮一个key
- 给按钮一个key
- 给DNS缓存服务器投毒
- Configure RNDC Key for Bind9 ( DNS Server )
- linux-DNS配置与key更新
- DNS 设置详解
- linux的dns设置
- 如何设置 DNS
- linux下dns设置
- DNS服务器设置详解
- linux设置DNS地址
- Android模拟器DNS设置
- bind主辅dns设置
- SpringBoot笔记一
- UNIX一切皆文件!!
- SPARK必备概念
- TX1上Caffe Deep Learning Framework with cuDNN Support安装
- 上三角
- 给DNS设置KEY
- Android-动态加载插件化的两种实现方式(二):接口
- bzoj2618: [Cqoi2006]凸多边形
- CODE[VS] 青铜Bronze 整数处理 1202:求和
- Windows 钩子函数
- 年轻 ——塞缪尔·乌尔曼
- 程序4--日期是一年的第几天
- ListView通用适配器
- Wireshark基本介绍和学习TCP三次握手