dnssec-dsfromkey man page on PC-BSD
[printable version]
DNSSEC-DSFROMKEY(8) BIND9 DNSSEC-DSFROMKEY(8)
NAME
dnssec-dsfromkey - DNSSEC DS RR generation tool
SYNOPSIS
dnssec-dsfromkey [-v level] [-1] [-2] [-a alg] {keyfile}
dnssec-dsfromkey {-s} [-v level] [-1] [-2] [-a alg] [-c class] [-d dir]
{dnsname}
DESCRIPTION
dnssec-dsfromkey outputs the Delegation Signer (DS) resource record
(RR), as defined in RFC 3658 and RFC 4509, for the given key(s).
OPTIONS
-1
Use SHA-1 as the digest algorithm (the default is to use both SHA-1
and SHA-256).
-2
Use SHA-256 as the digest algorithm.
-a algorithm
Select the digest algorithm. The value of algorithm must be one of
SHA-1 (SHA1) or SHA-256 (SHA256). These values are case
insensitive.
-v level
Sets the debugging level.
-s
Keyset mode: in place of the keyfile name, the argument is the DNS
domain name of a keyset file. Following options make sense only in
this mode.
-c class
Specifies the DNS class (default is IN), useful only in the keyset
mode.
-d directory
Look for keyset files in directory as the directory, ignored when
not in the keyset mode.
EXAMPLE
To build the SHA-256 DS RR from the Kexample.com.+003+26160 keyfile
name, the following command would be issued:
dnssec-dsfromkey -2 Kexample.com.+003+26160
The command would print something like:
example.com. IN DS 26160 5 2
3A1EADA7A74B8D0BA86726B0C227AA85AB8BBD2B2004F41A868A54F0 C5EA0B94
FILES
The keyfile can be designed by the key identification Knnnn.+aaa+iiiii
or the full file name Knnnn.+aaa+iiiii.key as generated by
dnssec-keygen(8).
The keyset file name is built from the directory, the string keyset-
and the dnsname.
CAVEAT
A keyfile error can give a "file not found" even if the file exists.
SEE ALSO
dnssec-keygen(8), dnssec-signzone(8), BIND 9 Administrator Reference
Manual, RFC 3658, RFC 4509.
AUTHOR
Internet Systems Consortium
COPYRIGHT
Copyright © 2008 Internet Systems Consortium, Inc. ("ISC")
BIND9 November 29, 2008 DNSSEC-DSFROMKEY(8)
[top]
List of man pages available for PC-BSD
Copyright (c) for man pages and the logo by the respective OS vendor.
For those who want to learn more, the polarhome community provides shell access and support.
[legal]
[privacy]
[GNU]
[policy]
[cookies]
[netiquette]
[sponsors]
[FAQ]
Polarhome, production since 1999.
Member of Polarhome portal.
Based on Fawad Halim's script.
....................................................................
|
Vote for polarhome
|