gnunux/dataset
1
0
Fork 0
forked from stove/dataset
Code Issues Pull requests Projects Releases Wiki Activity
dataset/seed/nsd/DEBUG.md
Emmanuel Garette 9d2c456c59 update
2023-07-31 15:30:32 +02:00

1.3 KiB
Raw Blame History

test zone file

nsd-checkzone -p in.gnunux.info /etc/nsd/in.gnunux.info.zone.signed nsd-checkzone -p 47.168.192.in-addr.arpa. /etc/nsd/47.168.192.in-addr.arpa.reverse.signed

resolvectl

resolvectl log-level debug pour les versions plus ancien, éditer : /var/lib/machines/lemonldap.in.gnunux.info/lib/systemd/system/systemd-resolved.service Ajouter : [Service] Environment=SYSTEMD_LOG_LEVEL=debug

verification avec delv

cat keys

trusted-keys {
in.gnunux.info. 257 3 13 "USFnZ0by5kztge0ATp0RGnLmiE6moqF97MkhkeeYRZHk38ZBma3Ww2yr C2wImxlu7cCPIcLzh6fJhZNESHqngQ==";
};

Pas correctement signé

root@debian:~# delv @192.168.45.11 -a keys +root=in.gnunux.info ldap.in.gnunux.info. A
;; keys:1: option 'trusted-keys' is deprecated
;; validating ldap.in.gnunux.info/A: no valid signature found
;; RRSIG failed to verify resolving 'ldap.in.gnunux.info/A/IN': 192.168.45.11#53
;; resolution failed: RRSIG failed to verify

Correctement signé

root@debian:~# delv @192.168.45.11 -a keys +root=in.gnunux.info lemonldap.in.gnunux.info. A
;; keys:1: option 'trusted-keys' is deprecated
; fully validated

increase loglevel

echo """server: debug-mode: yes verbosity: 10 """ > /etc/nsd/conf.d/debug.conf systemctl restart nsd journalctl -fu nsd