nsupdate failed to update Post: 302250241

9 More Discussions You Might Find Interesting

1. AIX

SFTP Failed---Request for subsystem 'sftp' failed on channel 0

Hi, While I am trying SFTP my machine to another unix machine , it was working fine till 10 min back. But now i am getting the below error "Request for subsystem 'sftp' failed on channel 0" Could you please someone help me to solve or analyise the root cause... Cheers:b:, Mahiban

2. AIX

nsupdate - 2 zones are appended to hostname?

Hello, Can someone tell me why I'm getting the following? $sudo nsupdate > update add HOSTNAME.ZONE1 86400 A IP ADDRESS > show Outgoing update query: ;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 0 ;; flags: ; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0 ;; UPDATE SECTION:...

3. Solaris

sendmail failed after patch update

Hi, I was troubleshooting H/W issue on a Ultra 5 workstation, whereby the system kept rebooting. In the course of isolating the issue, I patched the system with the latest Recommended cluster patch for solaris 7. SInce then, sendmail is not working and am getting the following errors. Kindly check...

4. UNIX for Dummies Questions & Answers

nsupdate falied to update

5. UNIX for Advanced & Expert Users

nsupdate failed to update

6. AIX

Failed update AIX 6.1

Hi, I have problem with update AIX in ML 01 to ML 04. I am new in AIX system, please help me how resolve this problem. Thanks

7. Solaris

Cygwin X Server error: xdmcp fatal error session failed session 23 failed for display

Hi, i got the following error when i tried to access the cygwin x server from a windows XP PC. "xdmcp fatal error session failed session 23 failed for display" Alternatively, when i tried to access the same Cygwin X Server from another windows XP PC which is on a different LAN...

8. Programming

MYSQL - trigger update on record insert or update

Right I have a MYSQL database with table1 with 3 columns, colA, colB and colC. I want to combine the data in the 3 columns into a 4th column names col_comb. Here's the SQL command that works: UPDATE table1 SET `col_comb` = CONCAT( `colA` , ' - ', `colB` , ', ', `colC` ); So now I want this...

9. Shell Programming and Scripting

Parsing nsupdate's output

Anybody that's ever used nsupdate knows that it's error management is not very good. I have a wrapper script that when it's got all the information it needs launches the nsupdate command. This is my attempt at parsing the output to help support users quickly know if the command succeded or...

LEARN ABOUT SUNOS

dnssec-keygen

dnssec-keygen(1M)					  System Administration Commands					 dnssec-keygen(1M)

NAME

       dnssec-keygen - DNSSEC key generation tool

SYNOPSIS

       dnssec-keygen  -a algorithm -b keysize -n nametype [-eh] [-c class] [-g generator] [-p protocol] [-r randomdev] [-s strength] [-t type] [-v
       level] name

DESCRIPTION

       The dnssec-keygen utility generates keys for DNSSEC (Secure DNS), as defined in RFC 2535. It can also  generate	keys  for  use	with  TSIG
       (Transaction Signatures), as defined in RFC 2845.

OPTIONS

       The following options are supported:

       -a algorithm    Select the cryptographic algorithm. The value of algorithm must be one of RSAMD5 or RSA, DSA, DH (Diffie Hellman), or HMAC-
		       MD5. These values are case insensitive.	For DNSSEC, DSA is mandatory to implement algorithm and RSA  is  recommended.  For
		       TSIG, HMAC-MD5 is mandatory.

       -b keysize      Specify	the  number of bits in the key. The choice of key size depends on the algorithm used. RSA keys must be between 512
		       and 2048 bits. Diffie Hellman keys must be between 128 and 4096 bits. DSA keys must be between 512 and  1024  bits  and	an
		       exact multiple of 64. HMAC-MD5 keys must be between 1 and 512 bits.

       -c class        Indicate that the DNS record containing the key should have the specified class. If not specified, class IN is used.

       -e	       Use a large exponent if generating an RSA key.

       -g generator	Use  this  generator if generating a Diffie Hellman key. Allowed values are 2 and 5. If no generator is specified, a known
		       prime from RFC 2539 will be used if possible; otherwise the default is 2.

       -h	       Print a short summary of the options and arguments to dnssec-keygen.

       -n nametype     Specify the owner type of the key. The value of nametype must either be ZONE (for a DNSSEC zone key), HOST or ENTITY (for a
		       key associated with a host), or USER (for a key associated with a user). These values are case insensitive.

       -p protocol     Set the protocol value for the generated key. The protocol argument is a number between 0 and 255. The default is 2 (email)
		       for keys of type USER and 3 (DNSSEC) for all other key types. Other possible values for this argument  are  listed  in  RFC
		       2535 and its successors.

       -r randomdev    Specify	the source of randomness. If the operating system does not provide a /dev/random or equivalent device, the default
		       source of randomness is keyboard input. The randomdev argument specifies the name of a character device or file	containing
		       random data to be used instead of the default. The special value keyboard indicates that keyboard input should be used.

       -s strength     Specify	the  strength  value  of the key. The strength argument is a number between 0 and 15, and currently has no defined
		       purpose in DNSSEC.

       -t type	       Indicate the use of the key. type must be one of AUTHCONF, NOAUTHCONF, NOAUTH, or NOCONF. The  default  is  AUTHCONF.  AUTH
		       refers to the ability to authenticate data, and CONF the ability to encrypt data.

       -v level        Set the debugging level.

GENERATED KEYS

       When  dnssec-keygen  completes successfully, it prints a string of the form Knnnn.+aaa+iiiii to the standard output. This is an identifica-
       tion string for the key it has generated.  These strings can be used as arguments to dnssec-makekeyset(1M).

	 o  nnnn is the key name.

	 o  aaa is the numeric representation of the algorithm.

	 o  iiiii is the key identifier (or footprint).

       The dnssec-keygen utility creates two file, with names based on the printed string.

	 o  Knnnn.+aaa+iiiii.key contains the public key.

	 o  Knnnn.+aaa+iiiii.private contains the private key.

       The .key file contains a DNS KEY record that can be inserted into a zone file (directly or with a $INCLUDE statement).

       The .private file contains algorithm specific fields. For obvious security reasons, this file does not have general read permission.

       Both .key and .private files are generated for symmetric encryption algorithm such as HMAC-MD5, even though the public and private key  are
       equivalent.

EXAMPLES

       Example 1: Generate a 768-bit DSA key for the domain example.com.

       To generate a 768-bit DSA key for the domain example.com, the following command would be issued:

       dnssec-keygen -a DSA -b 768 -n ZONE example.com

       The command would print a string of the form:

       Kexample.com.+003+26160

       Example 2: Create the files Kexample.com.+003+26160.key and Kexample.com.+003+26160.private.

       In the following example, dnssec-keygen creates the files Kexample.com.+003+26160.key and Kexample.com.+003+26160.private

ATTRIBUTES

       See attributes(5) for descriptions of the following attributes:

       +-----------------------------+-----------------------------+
       |      ATTRIBUTE TYPE	     |	    ATTRIBUTE VALUE	   |
       |Availability		     |SUNWbind9 		   |
       |Interface Stability	     |External			   |
       +-----------------------------+-----------------------------+

SEE ALSO

       dnssec-makekeyset(1M), dnssec-signkey(1M), dnssec-signzone(1M), attributes(5)

       RFC 2535, RFC 2845, RFC 2539

       BIND 9 Administrator Reference Manual

NOTES

       Source for BIND9 is available in the SUNWbind9S package.

SunOS 5.10							    15 Dec 2004 						 dnssec-keygen(1M)