dustri.org might have been unavailable for you since a couple of days, and
here is why: I'm using knot as
authoritative DNS server, from the official deb repository. Everything was fine, until the
last update, from version 2.0 to 2.1.0, who cames with interesting
changes, like
changing the fucking key-storage format, resulting in:
root@frollo 19:43 service knot status ● knot.service - Knot DNS server Loaded: loaded (/lib/systemd/system/knot.service; enabled) Active: active (running) since Sun 2016-01-31 19:43:48 CET; 1s ago Main PID: 13870 (knotd) CGroup: /system.slice/knot.service └─13870 /usr/sbin/knotd -c /etc/knot/knot.conf Jan 31 19:43:48 frollo knotd[13870]: info: loading zones Jan 31 19:43:48 frollo knotd[13870]: info: [dustri.org] zone will be loaded, serial 0 Jan 31 19:43:48 frollo knotd[13870]: info: starting server Jan 31 19:43:48 frollo knotd[13870]: warning: [dustri.org] semantic check, node 'dustri.org.' (RRSIG, expired signature record type 'SOA') Jan 31 19:43:48 frollo knotd[13870]: info: [dustri.org] zone loader, semantic check, completed Jan 31 19:43:48 frollo knotd[13870]: error: [dustri.org] DNSSEC, failed to initialize (invalid parameter) Jan 31 19:43:48 frollo knotd[13870]: error: [dustri.org] failed to store changes into journal (invalid parameter) Jan 31 19:43:48 frollo knotd[13870]: error: [dustri.org] zone load failed (invalid parameter) Jan 31 19:43:48 frollo knotd[13870]: info: server started in the foreground, PID 13870 Jan 31 19:43:48 frollo knotd[13870]: info: remote control, binding to '/run/knot/knot.sock'
Fortunately, to fix this, you just have to run keymgr init in your KASP directory.
Don't worry, this won't rewrite your existing settings.