How to configure Ubuntu DNSSEC?
How to configure Ubuntu DNSSEC?
1 answer
by
alivia ,
2 years ago
@caesar_kertzmann
To configure DNSSEC on Ubuntu, you can follow the steps below:
- Install the DNSSEC package:
1
|
sudo apt-get install dnssec-tools |
- Generate a key pair:
1
|
dnssec-keygen -a NSEC3RSASHA1 -b 2048 -n ZONE example.com |
Note: Replace "example.com" with your domain name.
- This will generate two files in the current directory:
- example.com.key: This file contains the public key.
- example.com.private: This file contains the private key.
- Add the public key to your DNS zone file:
1
|
example.com. IN DNSKEY 257 3 8 AwEAAb3TqH0IyGz4...... |
Note: Replace the key value with the contents of the example.com.key file.
- Sign your DNS zone file:
1
|
sudo dnssec-signzone -o example.com -k example.com.private example.com.zone |
Note: Replace "example.com" with your domain name and "example.com.zone" with your DNS zone file.
- Reload the DNS server:
1
|
sudo service bind9 reload |
Note: Replace "bind9" with the name of your DNS server.
DNSSEC should now be configured on your Ubuntu server.