Co robi DNSSEC-KEYGEN użycie. Konsola TSIG) keys for domain-name . When the key is completed.

Czy przydatne?

Polecenie dnssec-keygen

Wykonanie, użycie: System administration command. Generate encrypted Secure DNS (DNSSEC) or Transaction Signatures (TSIG) keys for domain-name. When the key is completed, dnssec-keygen prints the key identifier to standard output and creates public and private keyfiles whose names are based on the key identifier and the filename extensions .key and .private. It creates both files even when using an asymmetric algorithm, such as HMAC-MD5. For more information on Secure DNS, see DNS and BIND (O'Reilly), or read RFC 2535

Opcje wykonania dnssec-keygen w konsoli

-a algorithm

Specify the cryptographic algorithm to use. Accepted values are RSAMD5, RSA, DSA, DH, or HMAC-MD5. DSA or RSA should be used for Secure DNS, and HMAC-MD5 for TSIG.

-b bitsize

Specify the key bitsize. Accepted values depend on the encryption algorithm used, but, in general, a larger key size means stronger encryption. 128 bits is usually considered reasonably secure, and 512 quite good.

-c class

The domain record for which the key is being generated should contain class. When this option is not given, a class of IN is assumed.

-e

Use a large exponent when generating an RSA key.

-g generator

Specify the number to use as a generator when creating a DH (Diffie Hellman) key. Accepted values are 2 and 5.

-h

Print a help message, then exit.

-n type

The owner of the key must be of the specified type. Accepted values are ZONE, HOST, ENTITY, or USER.

-p protocol

Specify the protocol value for the generated key. Accepted values are given in RFC 2535 and other DNS Security RFCs. By default, the value is either 2 (email) or 3 (DNSSEC).

-r device

Specify the device to use as a source of randomness when creating keys. This can be a device file, a file containing random data, or the string keyboard to specify keyboard input. By default, /dev/random will be used when available, and keyboard input will be used when it is not.

-s type

Specify whether the key can be used for authentication, confirmation, both, or neither. Accepted values for type are AUTHCONF, NOAUTHCONF, NOAUTH, or NOCONF.

Przykłady dnssec-keygen działanie w Słownik polecenie D

Przykład DNSSEC-KEYGEN użycie :
Jak użyć Set or display name of current NIS domain. With no argument, domainname displays the name of the current NIS domain. Only a privileged user can set the domain name by giving an argument; this is co znaczy.
Przykład DNSSEC-KEYGEN użycie :
Jak użyć display the contents of the device or filesystem image isoimage . devdump displays the first 256 bytes of the first 2048-byte sector and waits for commands. The prompt shows the extent number (zone krzyżówka.
Przykład DNSSEC-KEYGEN użycie :
Jak użyć administration command. Create a dependency file for the modules given on the command line. This dependency file can be used by modprobe to automatically load the relevant modules . The normal use of co to jest.
Przykład DNSSEC-KEYGEN użycie :
Jak użyć used to query DNS servers; it is more flexible than the deprecated nslookup command. When invoked with just the -h option, it displays a list of options for the command. If you use it without any słownik.
Przykład DNSSEC-KEYGEN użycie :
Jak użyć and report the differences. No more than one of the files may be given as - (indicating that it is to be read from standard input). The output is displayed with the following codes: = = = = All czym jest.