mirror of
https://github.com/maxkratz/coredns-utils.git
synced 2024-09-16 11:58:07 +00:00
59 lines
1.2 KiB
Groff
59 lines
1.2 KiB
Groff
.\" Generated by Mmark Markdown Processer - mmark.miek.nl
|
|
.TH "COREDNS-KEYGEN" 8 "August 2019" "CoreDNS" "CoreDNS"
|
|
|
|
.SH "COREDNS-KEYGEN"
|
|
.SH "NAME"
|
|
.PP
|
|
\fIcoredns-keygen\fP - generate a key pair suitable for signing DNS zones.
|
|
|
|
.SH "DESCRIPTION"
|
|
.PP
|
|
\fIcoredns-keygen\fP generates a Common Signing Key for the purpose of signing zones. It has no options
|
|
and will generate a key with the ECDSAP256SHA256 algorithm (elliptic curve) and the KSK bit set.
|
|
|
|
.SH "SYNTAX"
|
|
.PP
|
|
.RS
|
|
|
|
.nf
|
|
coredns\-keygen ZONES...
|
|
|
|
.fi
|
|
.RE
|
|
|
|
.IP \(bu 4
|
|
\fBZONES\fP zones it should generate keys for.
|
|
|
|
|
|
.PP
|
|
For each key pair the following files are created:
|
|
|
|
.IP \(bu 4
|
|
\fB\fCK<zone>.+<algorithm>+<keytag>.key\fR for the DNSKEY RR, and
|
|
.IP \(bu 4
|
|
\fB\fCK<zone>.+<algorithm>+<keytag>.private\fR for the private one.
|
|
|
|
|
|
.PP
|
|
For each generate key the base name of these file is printed to standard output once.
|
|
|
|
.SH "EXAMPLES"
|
|
.PP
|
|
Generate keys for example.org and example.net:
|
|
|
|
.PP
|
|
.RS
|
|
|
|
.nf
|
|
$ coredns\-keygen example.org example.net
|
|
Kexample.org.+013+09787
|
|
Kexample.net.+013+00440
|
|
|
|
.fi
|
|
.RE
|
|
|
|
.SH "ALSO SEE"
|
|
.PP
|
|
dnssec-keygen(8) can also used to generate keys and supports more options. See RFC 4033, 4034, 4035
|
|
for the whole DNSSEC specification.
|
|
|