Dynamic Update with BIND9 (3/4)

Create authentication key: dnssec-keygen
   dnssec-keygen -a hmac-md5 -b 128 -n host jinmei.dyn.toshiba.com.
two files (mostly the same)
Kjinmei.dyn.toshiba.com.+157+xxxxx.{key, private}
Key distribution
Client (host) side
copy the two files to appropriate places
be careful about the file permission
(should be unreadable from others)
Server side
put the key in named.conf
    key jinmei.dyn.toshiba.com {
            algorithm hmac-md5;
            // Copied from the Key: field of Kxxx.private
            // DON'T USE THIS FOR YOUR PRACTICE
            secret "JXg3xkI+mt/O0ZAbTCqzDA==";
    };