<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<p>Hello,</p>
<p><br>
</p>
<p>I am writing a howto for linux-journal on using unbound as a
caching dnssec validating server. I am wondering if the following
would be recommended:</p>
<p><br>
</p>
<p>** I want to control the server via a remote control-client.</p>
<p>To do so I have generated keys on the server by doing <br>
</p>
<p>unbound-control-setup<br>
</p>
<p><br>
</p>
<p>On the remote client I install unbound so I have the client.
After that I copy the keys|pems to the client:</p>
<p>sudo scp
<a class="moz-txt-link-abbreviated" href="mailto:root@192.168.0.110:/var/lib/docker/volumes/unbound_unbound_conf/_data/unbound_control.key">root@192.168.0.110:/var/lib/docker/volumes/unbound_unbound_conf/_data/unbound_control.key</a>
~/keys/<br>
sudo scp
<a class="moz-txt-link-abbreviated" href="mailto:root@192.168.0.110:/var/lib/docker/volumes/unbound_unbound_conf/_data/unbound_server.pem">root@192.168.0.110:/var/lib/docker/volumes/unbound_unbound_conf/_data/unbound_server.pem</a>
~/keys/<br>
<br>
</p>
<p>However, this means I copy 4 keys (actually 2 pemfiles and 2
keys)<br>
</p>
<p> </p>
<p style="margin-bottom: 0in; font-style: normal; line-height: 100%;
text-decoration: none">
<br>
</p>
<p style="margin-bottom: 0in; font-style: normal; line-height: 100%;
text-decoration: none"> server-key-file:
"/opt/unbound/etc/unbound/unbound_server.key" </p>
<p style="margin-bottom: 0in; font-style: normal; line-height: 100%;
text-decoration: none"> server-cert-file:
"/opt/unbound/etc/unbound/unbound_server.pem" </p>
<p style="margin-bottom: 0in; font-style: normal; line-height: 100%;
text-decoration: none"> control-key-file:
"/opt/unbound/etc/unbound/unbound_control.key" </p>
<p style="margin-bottom: 0in; font-style: normal; line-height: 100%;
text-decoration: none"> control-cert-file:
"/opt/unbound/etc/unbound/unbound_control.pem"</p>
<p>
<style type="text/css">p { margin-bottom: 0.1in; line-height: 115%; }a:link { }</style></p>
<p><br>
</p>
<p>Is this correct>? Because the client wouldn't work if it did't
have all 4 files. <br>
</p>
<p><br>
</p>
<p>After this the client works fine, but I was wondering if this a
recommended way to go about. Couldn't find docs about a remote
control client.<br>
</p>
<p><br>
</p>
<p><br>
</p>
<p> sudo unbound-control -c ~/keys/unbound.conf -s 192.168.0.110@953
stats_noreset | egrep time</p>
<p>thread0.recursion.time.avg=0.282076<br>
thread0.recursion.time.median=0<br>
thread1.recursion.time.avg=0.092444<br>
thread1.recursion.time.median=0<br>
total.recursion.time.avg=0.218865<br>
total.recursion.time.median=0<br>
time.now=1547242327.282419<br>
time.up=84725.735959<br>
time.elapsed=84725.735959<br>
<br>
</p>
<p>thanx<br>
</p>
<p><br>
</p>
<p><br>
</p>
<p><br>
</p>
<p><br>
</p>
<p><br>
</p>
<p><br>
</p>
<div class="moz-signature">-- <br>
Vriendelijke groet, Hans-Cees Speel (<a class="moz-txt-link-abbreviated" href="mailto:hanscees@hanscees.com">hanscees@hanscees.com</a>)<br>
<br>
* Eigenaar <a href="http://www.bomengids.nl">bomengids.nl</a> (<a
href="http://twitter.com/bomengidsnl">volg twitter</a>) <br>
</div>
</body>
</html>