Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > comp.protocols.dns.bind > #16047
| Path | csiph.com!news.uzoreto.com!news.etla.org!nntp-feed.chiark.greenend.org.uk!ewrotcd!usenet-its.stanford.edu!usenet.stanford.edu!not-for-mail |
|---|---|
| From | Evan Hunt <each@isc.org> |
| Newsgroups | comp.protocols.dns.bind |
| Subject | Re: how to revert signed db zone file to unsgined plain text (remove dnssec keys) |
| Date | Sun, 9 Aug 2020 22:38:44 +0000 |
| Lines | 21 |
| Approved | bind-users@lists.isc.org |
| Message-ID | <mailman.799.1597012681.942.bind-users@lists.isc.org> (permalink) |
| References | <9010d1a0-fc3c-3fc3-c94e-bfcae79fab57@powercraft.nl> <20200809025114.GA46379@isc.org> <26a3b5cb-f2a8-8bdc-b190-5216fbacd6c8@powercraft.nl> <20200809223844.GA56529@isc.org> |
| NNTP-Posting-Host | lists.isc.org |
| Mime-Version | 1.0 |
| Content-Type | text/plain; charset=us-ascii |
| X-Trace | usenet.stanford.edu 1597012725 26230 149.20.1.60 (9 Aug 2020 22:38:45 GMT) |
| X-Complaints-To | action@cs.stanford.edu |
| Cc | bind-users@lists.isc.org |
| To | Jelle de Jong <jelledejong@powercraft.nl> |
| Return-Path | <each@isc.org> |
| X-Original-To | bind-users@lists.isc.org |
| Delivered-To | bind-users@lists.isc.org |
| Content-Disposition | inline |
| In-Reply-To | <26a3b5cb-f2a8-8bdc-b190-5216fbacd6c8@powercraft.nl> |
| X-BeenThere | bind-users@lists.isc.org |
| X-Mailman-Version | 2.1.29 |
| Precedence | list |
| List-Id | BIND Users Mailing List <bind-users.lists.isc.org> |
| List-Unsubscribe | <https://lists.isc.org/mailman/options/bind-users>, <mailto:bind-users-request@lists.isc.org?subject=unsubscribe> |
| List-Archive | <https://lists.isc.org/pipermail/bind-users/> |
| List-Post | <mailto:bind-users@lists.isc.org> |
| List-Help | <mailto:bind-users-request@lists.isc.org?subject=help> |
| List-Subscribe | <https://lists.isc.org/mailman/listinfo/bind-users>, <mailto:bind-users-request@lists.isc.org?subject=subscribe> |
| X-Mailman-Original-Message-ID | <20200809223844.GA56529@isc.org> |
| X-Mailman-Original-References | <9010d1a0-fc3c-3fc3-c94e-bfcae79fab57@powercraft.nl> <20200809025114.GA46379@isc.org> <26a3b5cb-f2a8-8bdc-b190-5216fbacd6c8@powercraft.nl> |
| Xref | csiph.com comp.protocols.dns.bind:16047 |
Show key headers only | View raw
On Sun, Aug 09, 2020 at 12:03:22PM +0200, Jelle de Jong wrote: > Thank you for your reply, there are still a lot of ; resign=20200802123322 > lines, but it does clean up a lot better, sorted on record type it would > become useful, ideas? > > Is there no clean named command to do this output? Everything starting with ";" is a comment. Run it through "named-compilezone" again, perhaps with "-s relative" this time (I used "-s full" before because it makes processing with awk easier). The result should be be free of comments and canonically sorted. "named" can do this automatically if you dynamically update a zone and remove the DNSKEY rrset. I think "dnssec-signzone -SPRQ" would do it if you marked the keys as deleted with "dnssec-settime" first; I haven't tested this, but it should. But I think the awk trick is probably the most straightforward way. -- Evan Hunt -- each@isc.org Internet Systems Consortium, Inc.
Back to comp.protocols.dns.bind | Previous | Next | Find similar
Re: how to revert signed db zone file to unsgined plain text (remove dnssec keys) Evan Hunt <each@isc.org> - 2020-08-09 22:38 +0000
csiph-web