Query: dnskeygen
OS: osf1
Section: 1
Format: Original Unix Latex Style Formatted with HTML and a Horizontal Scroll Bar
dnskeygen(1) General Commands Manual dnskeygen(1)NAMEdnskeygen - Generates public, private, and shared secret keys for DNS SecuritySYNOPSIS/usr/bin/dnskeygen [-DHR] key-size [-zhu] [-p value] [-s value] -n nameOPTIONSSpecifies that the key cannot be used for authentication. Specifies that the key cannot be used for encryption. Generates a DSA/DSS key. The size (in bytes) must be one of the following values: 512, 576, 640, 704, 768, 832, 896, 960, or 1024. Uses a large exponent for key generation (RSA only). Generates an HMAC-MD5 key. The size (in bytes) must be between 1 and 512. Generates a Host key for a host or ser- vice. Specifies the name of the key that you generate. Sets the protocol field value. The default is 2 (E-mail) for Host keys and 3 (DNS Security) for all others. Generates an RSA key. The size (in bytes) must be between 512 and 4096. Sets the strength value with which this key signs DNS records. The default is 1 for Zone keys and 0 for all others. Generates a User key for E-mail or another purpose. Generates a Zone key for DNS validation. When the dnskeygen command is executed with no options, it generates output containing a list of its options.DESCRIPTIONUse the dnskeygen utility to generate and maintain keys for DNS Security. The utility can generate public and private keys to authenticate zone data and shared secret keys to use for Request/Transaction signatures.RESTRICTIONSAlthough the dnskeygen command supports the full range of options offered by the Internet Software Consortium's (ISC) original program, at this time, the operating system supports only the keys it generates for secure dynamic updates and zone transfers. See bind_manual_setup(7) and the Network Administration guide for more information about these features.EXAMPLESIn the following example, an administrator creates a private key for authentication of DNS dynamic updates (the forward slash indicates line continuation): # dnskeygen -H 1024 -h -c -n pubnet-enterprise_update ** Adding dot to the name to make it fully qualified domain name** Generating 1024 bit HMAC-MD5 Key for pubnet-enterprise_update. Generated 1024 bit Key for pubnet-enterprise_update. id=0 alg=157 flags=16897 # ls K* Kpubnet-enterprise_update.+157+00000.key Kpubnet-enterprise_update.+157+00000.privateFILESThe dnskeygen command generates two files in the directory in which it is executed: Public key file. Private key file.SEE ALSOCommands: named(8) Files: named.conf(4) Others: bind_manual_setup(7) Network Administration dnskeygen(1)
Related Man Pages |
---|
dnssec-keygen(8) - osx |
named.conf(4) - osf1 |
dnssec-keygen(1m) - mojave |
dnssec-keygen(1m) - opendarwin |
dnssec-keygen(1m) - php |
Similar Topics in the Unix Linux Community |
---|
Quick Q, DNS |
append two files |
loop through file to change some data |
SFTP - Private and Public keys |
Public and Private Key generation for scp |