BIND Configuration File Guide--key Statement


key key_id {
  algorithm algorithm_id;
  secret secret_string;

Definition and Usage

The key statement defines a key ID which can be used in a server statement to associate an authentication method with a particular name server.

A key ID must be created with the key statement before it can be used in a server definition or an address match list.

The algorithm_id is a string that specifies a security/authentication algorithm. The only supported algorithm is "hmac-md5".

secret_string is the secret to be used by the algorithm, and is treated as a base-64 encoded string. This may be generated using dnskeygen or another utility or created manually.

The key statement is intended for use in transaction security. Unless included in a server statement, it is not used to sign any requests. It is used to verify requests matching the key_id and algorithm_id, and sign replies to those requests.

[ BIND Config. File | BIND Home | ISC ]

Last Updated: $Id: key.html,v 1.10 1999/09/15 20:28:02 cyarnell Exp $