GETDNSKEYS(1p) User Contributed Perl Documentation GETDNSKEYS(1p)NAME
getdnskeys - Manage lists of DNSKEYs from DNS zones
SYNOPSIS
getdnskeys [-i file] [-o file] [-k] [-T] [-t] [-v] [zones]
DESCRIPTION
getdnskeys manages lists of DNSKEYs from DNS zones. It may be used to retrieve and compare DNSKEYs. The output from getdnskeys may be
included (directly or indirectly) in a named.conf file.
OPTIONS
getdnskeys takes the following options:
-i path
Reads path as a named.conf with which to compare key lists.
-k Only looks for Key Signing Keys (KSKs); all other keys are ignored.
-o file
Writes the results to file.
-T Checks the current trusted key list from named.conf.
-t Encloses output in needed named.conf syntax markers.
-v Turns on verbose mode for additional output.
-Version
Displays the version information for getdnskeys and the DNSSEC-Tools package.
-h Gives a help message.
EXAMPLES
This getdnskeys will retrieve the KSK for example.com:
getdnskeys -o /etc/named.trustkeys.conf -k -v -t example.com
This getdnskeys will check saved keys against a live set of keys:
getdnskeys -i /etc/named.trustkeys.conf -T -k -v -t
This getdnskeys will automatically update a set of saved keys:
getdnskeys -i /etc/named.trustkeys.conf -k -t -T -v
-o /etc/named.trustkeys.conf
SECURITY ISSUES
Currently this does not validate new keys placed in the file in any way, nor does it validate change over keys which have been added.
It also does not handle revocation of keys.
It should prompt you before adding a new key so that you can always run the auto-update feature.
perl v5.14.2 2012-06-21 GETDNSKEYS(1p)
Check Out this Related Man Page
TACHK(1p) User Contributed Perl Documentation TACHK(1p)NAME
tachk - Check the validity of the trust anchors in a named.conf file
SYNOPSIS
tachk [options] <named.conf>
DESCRIPTION
tachk checks the validity of the trust anchors in the specified named.conf file. The output given depends on the options selected.
Note: This script may be removed in future releases.
OPTIONS
tachk takes two types of options: record-attribute options and output-style options. These option sets are detailed below.
Record-Attribute Options
These options define which trust anchor records will be displayed.
-valid
This option displays the valid trust anchors in a named.conf file.
-invalid
This option displays the invalid trust anchors in a named.conf file.
Output-Format Options
These options define how the trust anchor information will be displayed. Without any of these options, the zone name and key tag will be
displayed for each trust anchor.
-count
The count of matching records will be displayed, but the matching records will not be.
-long
The long form of output will be given. The zone name and key tag will be displayed for each trust anchor.
-terse
This option displays only the name of the zones selected by other options.
-Version
Displays the version information for tachk and the DNSSEC-Tools package.
-help
Display a usage message.
AUTHOR
Wesley Griffin
(Current contact for tachk is Wayne Morrison, tewok@tislabs.com.)
SEE ALSO trustman(8)named.conf(5)perl v5.14.2 2012-06-21 TACHK(1p)
hello friends
I installed sun solaris 8 for x86 pc, and I want know where is the files of configuration (path), the name of files, and the named of daemon.
example: /etc/named.conf and the zones is /var/named, and the daemon is named....it's in linux system.
I need want only the name of files,... (2 Replies)
Hi, In my MSDOS version on windows'98, many keys are not working. I feel that my version is old and I wnt to update it. Can anyone tell me how can i do so.
Please tell me soon.
Thanks a lot.
-Kinnaree
:confused: (1 Reply)
We're running Bind version 8.1.2 on Solaris.
How do you flush the DNS cache?
Also, I see the files named.boot and named.conf in /etc. Do I need both of these files? I've read that named.boot is for Bind version 4x, and that named.conf is for Bind version 8.x and greater.
Our resolv.conf file... (2 Replies)
hello !!!
I have some problem for Sun Solaris DNS i already configured named.boot , named.rev, named.hosts but when i start the DNS service there is an error " error cannot find named.conf " in my manual there is no named.conf configuration it said that if you configure named.boot... (3 Replies)
Hi Experts,
I am a newbie like in Linux world, practising Fedora Linux on VMWare but DNS is never set up:
Below are my conf files:
1. named.conf
options {
directory "/var/named";
/*
* If there is a firewall between you and nameservers you want
* to talk... (4 Replies)
I have an issue with DNS on a solaris t2000
When I set up the zones there was an issue with the /etc/resolv.conf, I had made a typo in my DNS server.
I only noticed this after creating my new zones.
I have corrected this in the global zone and I am now able to ping and nslookup inthe... (2 Replies)
Hello,
I am seeking help with someone with perl expertise that can create me a script that will read a named.conf file and create a csv or a text file on each of the zones that the named.conf contains. An excerpt of named.conf looks like:
acl "our_nets" {
127.0.0.1/32; ... (2 Replies)
Hello,
I am trying to retrieve all DNS zones from the local bind server without parsing the /var/named folder, removing .db from the zone file names and the special zones files. I am looking for some kind of named, dig etc command that would retrieve all domains from the server eventually with... (2 Replies)
Hi All,
I'm trying to figure out which are the trusted-ips and which are not using a script file.. I have a file named 'ip-list.txt' which contains some ip addresses and another file named 'trusted-ip-list.txt' which also contains some ip addresses. I want to read a line from... (4 Replies)
Hi Guys,
I am configuring DNS BIND server I am getting following error, can someone please help ...below is my complete /etc/named.caching-nameserver.conf file :-
# service named restart
Stopping named:
Starting named:
Error in named... (1 Reply)
Hello.
My first time here.
What I am trying to do is this.
FileA is located on a web server
FileB is located on local storage
Both files contain a large list of information of not only SHA keys but versions, and other information.
I need a statement that can compare between FileA... (5 Replies)