SSHFP records

I hate getting this prompt: root@home:~# ssh server.somehost.com The authenticity of host ‘server.somehost.com (123.123.123.123)’ can’t be established. RSA key fingerprint is e6:fa:89:4d:c4:03:8e:09:1b:e5:b1:3c:ec:5f:8e:a3. Are you sure you want to continue connecting (yes/no)? If you see it often enough you probably ignore it – it then loses its purpose if you find yourself blindly typing yes. SSHFP […]

Unbound Caching Nameserver

I have added an article to my wiki covering setup of Unbound as a cache name server. This includes DNSSEC support as well as IPv6 support. If it is a busy name server it may need to be tweaked for performance, see the performance section of my wiki above and the Unbound website.

PowerDNS Authoritative DNSSEC MySQL

I have added an article to my Wiki covering setup of PowerDNS with MySQL as well as enabling DNSSEC. I highly recommend using the MySQL database with replication (or even Percona XtraDB Cluster) as you will get a few nice advantages: Instant updates – no waiting for zone transfers Zone deletion works perfectly – you […]