DNS servers and secure way to do it ?

Hi

I want to at least setup my onw DNS servers again (failed completely in the past even with help from kind guys of Virtualmin !). This time I’ll use two small Ubuntu instances to do that (separate of my Virtualmin servers used for hosting customers). I just checked documentation and it looks it’s still the same way using login/pass of Webmin for slaves which is incompatible with 2FA authentification. Isn’t there a better way to do that by DNS zone transfer in Bind ?

Thanks for tips and ideas

Vincèn

No one on this ?

I’m just wondering…you don’t need 2 factor on root user.

Communication can be setup between servers and secured/restricted to only each others ipaddress (achieved from within webmin/virtualmin). I am assuming that you would need to consult with someone on whether or not a custom user can be assigned to this communication or whether it has to be root…however you would still restrict by ipaddress of the two servers.

Then just apply 2 factor on user accounts only…whilst additionally restricting sudo admin to both 2 factor and office static ipaddress.

You can assign more than one ipaddress to any account btw…so root user could be whitelisted for each server ipaddress and also your home office ipaddress if root must be used between name servers.