[Pdns-users] DNSSEC : One key by client to update only this client's dynamic A record
David J.
powerdns at davidjardin.fr
Tue Jun 22 18:18:17 UTC 2021
Hello everyone,
I would like to configure my own dyndns service. I managed to configure
and make it work.
I try now to secure this service.
I followed with success this doc :
https://doc.powerdns.com/authoritative/dnsupdate.html). However, as far
as I understand there is only one key for the whole zone Which means,
any client can update any record.
I would like to be able to generate one key per client (dnssec-keygen -n
host ?) and authorize this key to be able to update only the associated
record.
Example :
- The zone is dyndns.xxx.com
- A client would like to have the dynamic record A.dyndns.xxx.com
- B would like B.dyndns.xxx.com
- A must be able to update A.dyndns.xxx.com and only this record
- Same for B.
Can someone give me an hint, an URL to achieve that with pdns please ?
Did I miss something in the doc ?
Thank you very much,
Best regards,
--
David J
More information about the Pdns-users
mailing list