Skip to content

Correct the BIND ARM to say that the default session-key for use with 'update-policy local;' is generated at startup

The BIND ARM says:

A pre-defined update-policy rule can be switched on with the command update-policy local;. 
Switching on this rule in a zone causes named to generate a TSIG session key and place it in a file. 
That key will then be allowed to update the zone, if the update request is sent from local- host. 
By default, the session key is stored in the file /var/run/named/session.key; the key name
is "local-ddns" and the key algorithm is HMAC-SHA256. These values are configurable with the
session-keyfile, session-keyname and session-keyalg options, respectively).

This is not actually true - the session-key is generated when named starts up, irrespective of whether it's needed or not.

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information