Find the answer to your Linux question:
Results 1 to 2 of 2
Does anyone know how to use dnskeygen? I'm starting to understand the concept but here are a few things that are throwing me off. 1. the options -z (zone), -h(host), ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Linux Engineer
    Join Date
    Nov 2002
    Location
    Queens, NY
    Posts
    1,319

    dnskeygen


    Does anyone know how to use dnskeygen?

    I'm starting to understand the concept but here are a few things that are throwing me off.

    1. the options -z (zone), -h(host), -u (user), When is it appropriate to use these? Thus far, I've only seen examples with -h and I'm not sure in what case the -z and -u are utilized.

    2. It looks like the dnskeygen program will generate two keys: public and private. I'm assuming that you need to copy a key to a slave server but which one do you copy? Public or private?
    The best things in life are free.

  2. #2
    Just Joined!
    Join Date
    Jun 2005
    Location
    Behind You...
    Posts
    36
    wow a forums eng asking for help....

    The dnskeygen utility supports the following options:

    -D

    Generate a DSA/DSS key. The value of size must be one of the following: 512, 576, 640, 704, 768, 832, 896, 960 or 1024.
    -F

    Use a large exponent for key generation. Use for RSA only.
    -H

    Generate a HMAC-MD5 key. The value of size must be between 128 and 504.
    -R

    Generate an RSA key. The value of size must be between 512 and 4096.
    -a

    Cannot use key for authentication.
    -c

    Cannot use key for encryption.
    -h

    Generate host or service key.
    -n name

    Set the key's name to name.
    -p num

    Set the key's protocol field to num. The values for num are as follows:

    3

    If -z or -h is specified (DNSSEC), this is the default value.
    2

    Unless specified, the default value for all other options.
    1

    Use this value for TLS.
    4

    Use this value for IPSEC.
    255

    Use this value for ANY.

    -s num

    Set the key's strength field to num. The default value of num is 0.
    -u

    Generate User key, for example, for email.
    -z

    Generate Zone key for DNS validation.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •