BIND 9's nsupdate dyndns update gives: "tsig verify failure (BADKEY)"

nsupdate has some quirks and assumes some naming convention when called with -k. From the man page, I think your key name might somehow be called domain2.com.au.

Could you try the following?

nsupdate -y \
  'rndc-key:vZwCYBx4OAOsBrbdlooUfBaQx+kwEi2eLDXdr+JMs4ykrwXKQTtDSg/jp7eHnw39IehVLMtuVECTqfOwhXBm0A=='

You have to use the key name you created the key with as the name in the config. From what I can see, you have to use:

key "domain2.com.au" {
   [...]
}

From the BIND documentation:

to verify that incoming requests have been signed with a key matching this name, algorithm, and secret.

Tags:

Linux

Bind

Dyndns

Domain Name System

Named Conf

Related

How to stop HTTPS requests for non-ssl-enabled virtual hosts from going to the first ssl-enabled virtualhost (Apache-SNI) Hardware checks for Dell R820 Servers through Nagios using SNMP How to check a route exist between two hosts for a particular port? How to know the reason why an environment turns RED health in Elastic Beanstalk? Can I have 2 A records for the same domain Debian/Ubuntu set preseed mirror variable via early/run command Replace gitolite3 user with git Rebuild mdadm RAID5 array with fewer disks Logstash can't read files it should have access too How can I save a domain controller after a USN rollback without rebuilding the whole server? Unexpected results from an XML query filter for security event log POST request is repeated with nginx loadbalanced server (status 499)

Recent Posts