O'Reilly logo

Linux in a Nutshell, Fourth Edition by Aaron Weber, Stephen Figgins, Ellen Siever

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Name

dnssec-signkey

Synopsis

                  dnssec-signkey [options] keyset 
                  key-identifiers
               

System administration command. Sign a secure DNS keyset with the key signatures specified in the list of key-identifiers. A zone administrator would use this command to sign a child zone’s keyset with the parent zone’s keys. For more information on Secure DNS, see DNS and BIND (O’Reilly), or read RFC 2535.

Options

-a

Verify generated signatures.

-c class

Specify the DNS class of the keyset.

-e end-time

Specify the date and time the records will expire. The end-time may be specified in yyyymmddhhmmss notation, or as + N seconds from the start-time. The default is 30 days from start-time.

-h

Print help message, then exit.

-p

Use pseudo-random data to sign the zone key.

-r device

Specify the device to use as a source of randomness when creating keys. This can be a device file, a file containing random data, or the string keyboard to specify keyboard input. By default, /dev/random will be used when available, and keyboard input will be used when it is not.

-s start-time

Specify the date and time the records become valid. The end-time may be specified in yyyymmddhhmmss notation, or given as + N seconds from the current time. The default is the current time.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required