From: Charles Howes Date: Thu, 10 Nov 2022 22:16:31 +0000 (-0800) Subject: Added a link, clarified wording X-Git-Tag: dnsdist-1.8.0-rc1~189^2~1 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=5fdabed9518c2e12197cb567def4d7aa04422155;p=thirdparty%2Fpdns.git Added a link, clarified wording --- diff --git a/docs/dnsupdate.rst b/docs/dnsupdate.rst index c898a73186..234abf84ab 100644 --- a/docs/dnsupdate.rst +++ b/docs/dnsupdate.rst @@ -110,7 +110,8 @@ TSIG-ALLOW-DNSUPDATE This setting allows you to set the TSIG key required to do an DNS update. If you have GSS-TSIG enabled, you can use Kerberos principals -here. An example, using :program:`pdnsutil` to create the key:: +here. Here is an example using :program:`pdnsutil` to create a key named +`test`:: $ pdnsutil generate-tsig-key test hmac-sha512 Create new TSIG key test hmac-sha512 jMp41zXrTRKa9l9EGMj+9I9AL8exyIjXBdkFuNMJKv/UpNd83kFt+CrHQpuqBI8lf28xH1SrOFN1mr7QzOe7pQ== @@ -118,13 +119,16 @@ here. An example, using :program:`pdnsutil` to create the key:: $ pdnsutil list-tsig-keys | grep test test. hmac-sha512. jMp41zXrTRKa9l9EGMj+9I9AL8exyIjXBdkFuNMJKv/UpNd83kFt+CrHQpuqBI8lf28xH1SrOFN1mr7QzOe7pQ== -Then adding that key with the name `test` and add the metadata:: +This adds the key with the name `test` to the zone's metadata. Note, the +keys need to be added separately with `add-meta`, not as a comma or +space-separated list:: $ pdnsutil add-meta example.org TSIG-ALLOW-DNSUPDATE test $ pdnsutil get-meta example.org TSIG-ALLOW-DNSUPDATE TSIG-ALLOW-DNSUPDATE = test -An example of how to use a TSIG key with the :program:`nsupdate` command:: +This is an example of using the new `test` TSIG key with the :program:`nsupdate` +command (see the manpage for :program:`nsupdate` for full details):: $ nsupdate <