Upcoming DNSSEC key rollover – how to check your Turris Omnia's knot resolver:
– connect to your Turris Omnia using SSH
– enter '# cat /etc/root.keys | grep "KeyTag:20326"'
If you see the key, no further action is required. All modern resolvers follow the process defined in RFC 5011 to update their root keys automatically.
@infosechandbook Also, check /etc/config/resolver: you may have put the root keys file in another place than the default one (option "keyfile")
@infosechandbook If you literally enter '# cat /etc/root.keys | grep "KeyTag:20326"', it will comment your command… # should not be a part of the quoted string 🤡
That's right, however, it's the shortest way to distinguish between user and root context in Linux systems.
@infosechandbook I would write it this way:
To […], enter the following command:
# cat /etc/root.keys | grep "KeyTag:20326"
mastodon.at is open to all users and federates with most instances.
🇩🇪 🇦🇹 🇨🇭 mastodon.at ist offen für alle User und ist mit vielen anderen Instanzen verbunden.