Beispiel für ddns-confgen

README.md

@@ -26,4 +26,32 @@
 
 ## Einrichtung
 
+### Erzeugen des Zonen-Signier-Schlüssels
+
+Mit dem Tool `ddns-confgen` (in Debian im Paket bind9 enthalten), den erforderlichen Schlüssel generieren:
+
+`ddns-confgen -z $ZONE`
+ 
+`$ZONE` ist die gewünschte Zone, in meinem Fall war das `memory-leak.de` 
+
+#### Ergebnis
+ 
+ root@delta:/etc/bind# ddns-confgen -z memory-leak.dre
+ # To activate this key, place the following in named.conf, and
+ # in a separate keyfile on the system or systems from which nsupdate
+ # will be run:
+ key "ddns-key.memory-leak.dre" {
+         algorithm hmac-sha256;
+         secret "hMZ4fVbpllxEJ93AoTa+PjYeUIXx2FHXLgBTz/fWXlA=";
+ };
+ 
+ # Then, in the "zone" definition statement for "memory-leak.dre",
+ # place an "update-policy" statement like this one, adjusted as 
+ # needed for your preferred permissions:
+ update-policy {
+           grant ddns-key.memory-leak.dre zonesub ANY;
+ };
+
+
+
 ## Nutzung