[Samba] Samba and DNSSEC?
Joachim Lindenberg
samba at lindenberg.one
Thu Jan 16 08:28:45 UTC 2025
There are occasional questions on DNSSEC support:
https://lists.samba.org/archive/samba/2013-September/175620.html
https://lists.samba.org/archive/samba/2015-September/194351.html
https://lists.samba.org/archive/samba/2019-July/224293.html
https://lists.samba.org/archive/samba/2023-December/247518.html
But I haven´t noticed any definite answer nor any documentation on Wiki.
My understanding is, that bind would be able to sign any static content, however samba essentially serves content from the database unsigned, no matter which backend configuration (SAMBA_INTERNAL or BIND9_DLZ) is used. DNSSEC could probably be added via an additional DNS-Server that uses Samba „upstream“ and signs responses from Samba only.
Correct? Any pointers appreciated.
Thanks,
Joachim
More information about the samba
mailing list