[ldns-users] generate TSIG key?

Willem Toorop willem at nlnetlabs.nl
Tue Sep 25 12:31:54 UTC 2012

Op 24-09-12 01:18, Mariano Absatz - gmail schreef:
> That's precisely what I needed... maybe a note somewhere in the docs
> (either in NSD or ldns) would help newbies (like me).

Hi Mariano,

Changed DESCRIPTION section of the manpage into:

       ldns-keygen  is  used  to generate a private/public keypair. When
       run, it will create 3 files; a .key file with the public  DNSKEY,
       a  .private  file  with the private keydata and a .ds with the DS
       record of the DNSKEY record.

       ldns-keygen can also be used to create symmetric keys (for  TSIG)
       by selecting the appropriate algorithm: hmac-md5.sig-alg.reg.int,
       hmac-sha1 or hmac-sha256.  In that case no DS record will be cre‐
       ated and no .ds file.

       ldns-keygen    prints   the   basename   for   the   key   files:

-- Willem

More information about the ldns-users mailing list