advice and pointers on Apache, Bind/DNS, Ubuntu
John Van Ostrand
john-Da48MpWaEp0CzWx7n4ubxQ at public.gmane.org
Wed Nov 1 18:04:27 UTC 2006
On Tue, 2006-10-31 at 17:29 -0500, Yanni Chiu wrote:
> I know I've got a few pieces to work out,
> but what I'd like advice on is how to automate
> the Bind/DNS configuration.
You could setup BIND to support dynamic DNS and use the nsupdate program
to perform the update from the web signon. Ideally you would use a
subdomain to begin with (e.g. baz.users.foobar.com) for better security.
Use dnssec-keygen to generate a key (dnssec-keygen -a HMAC-MD5 -b 512 -n
host foobarweb) and then setup that key in named.conf:
key "foobarweb" {
algorithm hmac-md5;
secret "lakshdfhjasdfjal;dfjl;ajfl;ajdf;jkadf";
}
Then setup the zone:
zone "users.foobar.com" {
type master;
# use a "dyn" directory that is writable by bind
file "dyn/users.foobar.com";
update-policy {
grant foobarweb name ....;
};
};
--
John Van Ostrand
Net Direct Inc.
Chief Technology Officer
564 Weber St. N. Unit 12
Waterloo, ON N2L 5C6
map
john-Da48MpWaEp0CzWx7n4ubxQ at public.gmane.org
Ph: 519-883-1172
ext.5102
Linux Solutions / IBM
Hardware
Fx: 519-883-8533
--
The Toronto Linux Users Group. Meetings: http://gtalug.org/
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://gtalug.org/wiki/Mailing_lists
More information about the Legacy
mailing list