[ldns-users] generate TSIG key?
Willem Toorop
willem at nlnetlabs.nl
Tue Sep 25 12:31:54 UTC 2012
Op 24-09-12 01:18, Mariano Absatz - gmail schreef:
> That's precisely what I needed... maybe a note somewhere in the docs
> (either in NSD or ldns) would help newbies (like me).
Hi Mariano,
Changed DESCRIPTION section of the manpage into:
DESCRIPTION
ldns-keygen is used to generate a private/public keypair. When
run, it will create 3 files; a .key file with the public DNSKEY,
a .private file with the private keydata and a .ds with the DS
record of the DNSKEY record.
ldns-keygen can also be used to create symmetric keys (for TSIG)
by selecting the appropriate algorithm: hmac-md5.sig-alg.reg.int,
hmac-sha1 or hmac-sha256. In that case no DS record will be cre‐
ated and no .ds file.
ldns-keygen prints the basename for the key files:
K<name>+<alg>+<id>
Good?
-- Willem
More information about the ldns-users
mailing list