[ldns-users] generate TSIG key?

Mariano Absatz - gmail el.baby at gmail.com
Tue Sep 25 12:34:39 UTC 2012


On Tue, Sep 25, 2012 at 9:31 AM, Willem Toorop <willem at nlnetlabs.nl> wrote:

> Op 24-09-12 01:18, Mariano Absatz - gmail schreef:
> > That's precisely what I needed... maybe a note somewhere in the docs
> > (either in NSD or ldns) would help newbies (like me).
>
> Hi Mariano,
>
> Changed DESCRIPTION section of the manpage into:
>
> DESCRIPTION
>        ldns-keygen  is  used  to generate a private/public keypair. When
>        run, it will create 3 files; a .key file with the public  DNSKEY,
>        a  .private  file  with the private keydata and a .ds with the DS
>        record of the DNSKEY record.
>
>        ldns-keygen can also be used to create symmetric keys (for  TSIG)
>        by selecting the appropriate algorithm: hmac-md5.sig-alg.reg.int,
>        hmac-sha1 or hmac-sha256.  In that case no DS record will be cre‐
>        ated and no .ds file.
>
>        ldns-keygen    prints   the   basename   for   the   key   files:
>        K<name>+<alg>+<id>
>
> Good?
>
> Cool! Seems like something even I can understand :-)
Thanx a lot.

-- 
Mariano Absatz - El Baby
www.clueless.com.ar
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nlnetlabs.nl/pipermail/ldns-users/attachments/20120925/75f42a52/attachment.htm>


More information about the ldns-users mailing list