doc/arm/man.dnssec-dsfromkey.html

	man.dnssec-dsfromkey.html revision 0b89eee6167201843c9a46b7e7c63cb1e4e09ba3
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz<!--
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz - Copyright (C) 2000-2017 Internet Systems Consortium, Inc. ("ISC")
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz -
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz - This Source Code Form is subject to the terms of the Mozilla Public
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz - License, v. 2.0. If a copy of the MPL was not distributed with this
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz - file, You can obtain one at http://mozilla.org/MPL/2.0/.
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz-->
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz<html lang="en">
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz<head>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz<title>dnssec-dsfromkey</title>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz<meta name="generator" content="DocBook XSL Stylesheets V1.78.1">
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz<link rel="home" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual">
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz<link rel="up" href="Bv9ARM.ch13.html" title="Manual pages">
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz<link rel="prev" href="man.dnssec-coverage.html" title="dnssec-coverage">
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz<link rel="next" href="man.dnssec-importkey.html" title="dnssec-importkey">
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz</head>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz<div class="navheader">
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz<table width="100%" summary="Navigation header">
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz<tr><th colspan="3" align="center"><span class="application">dnssec-dsfromkey</span></th></tr>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz<tr>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz<td width="20%" align="left">
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz<a accesskey="p" href="man.dnssec-coverage.html">Prev</a>�</td>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz<th width="60%" align="center">Manual pages</th>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz<td width="20%" align="right">�<a accesskey="n" href="man.dnssec-importkey.html">Next</a>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz</td>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz</tr>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz</table>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz<hr>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz</div>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz<div class="refentry">
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz<a name="man.dnssec-dsfromkey"></a><div class="titlepage"></div>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz  <div class="refnamediv">
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz<h2>Name</h2>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz<p>
8a507a13a4a6adfb638f731e371abbbf25817697jaspervdg    <span class="application">dnssec-dsfromkey</span>
8a507a13a4a6adfb638f731e371abbbf25817697jaspervdg     &#8212; DNSSEC DS RR generation tool
8a507a13a4a6adfb638f731e371abbbf25817697jaspervdg  </p>
8a507a13a4a6adfb638f731e371abbbf25817697jaspervdg</div>
8a507a13a4a6adfb638f731e371abbbf25817697jaspervdg
a65c48d1a2a69faf4390122b4646d16506e8a645jaspervdg
8a507a13a4a6adfb638f731e371abbbf25817697jaspervdg
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz  <div class="refsynopsisdiv">
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz<h2>Synopsis</h2>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz    <div class="cmdsynopsis"><p>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz      <code class="command">dnssec-dsfromkey</code>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz       [<code class="option">-v <em class="replaceable"><code>level</code></em></code>]
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz       [<code class="option">-1</code>]
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz       [<code class="option">-2</code>]
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz       [<code class="option">-a <em class="replaceable"><code>alg</code></em></code>]
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz       [<code class="option">-C</code>]
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz       [<code class="option">-l <em class="replaceable"><code>domain</code></em></code>]
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz       [<code class="option">-T <em class="replaceable"><code>TTL</code></em></code>]
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz       {keyfile}
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz    </p></div>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz    <div class="cmdsynopsis"><p>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz      <code class="command">dnssec-dsfromkey</code>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz       {-s}
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz       [<code class="option">-1</code>]
8a507a13a4a6adfb638f731e371abbbf25817697jaspervdg       [<code class="option">-2</code>]
8a507a13a4a6adfb638f731e371abbbf25817697jaspervdg       [<code class="option">-a <em class="replaceable"><code>alg</code></em></code>]
8a507a13a4a6adfb638f731e371abbbf25817697jaspervdg       [<code class="option">-K <em class="replaceable"><code>directory</code></em></code>]
8a507a13a4a6adfb638f731e371abbbf25817697jaspervdg       [<code class="option">-l <em class="replaceable"><code>domain</code></em></code>]
8a507a13a4a6adfb638f731e371abbbf25817697jaspervdg       [<code class="option">-s</code>]
8a507a13a4a6adfb638f731e371abbbf25817697jaspervdg       [<code class="option">-c <em class="replaceable"><code>class</code></em></code>]
8a507a13a4a6adfb638f731e371abbbf25817697jaspervdg       [<code class="option">-T <em class="replaceable"><code>TTL</code></em></code>]
8a507a13a4a6adfb638f731e371abbbf25817697jaspervdg       [<code class="option">-f <em class="replaceable"><code>file</code></em></code>]
8a507a13a4a6adfb638f731e371abbbf25817697jaspervdg       [<code class="option">-A</code>]
8a507a13a4a6adfb638f731e371abbbf25817697jaspervdg       [<code class="option">-v <em class="replaceable"><code>level</code></em></code>]
8a507a13a4a6adfb638f731e371abbbf25817697jaspervdg       {dnsname}
8a507a13a4a6adfb638f731e371abbbf25817697jaspervdg   </p></div>
8a507a13a4a6adfb638f731e371abbbf25817697jaspervdg    <div class="cmdsynopsis"><p>
8a507a13a4a6adfb638f731e371abbbf25817697jaspervdg      <code class="command">dnssec-dsfromkey</code>
8a507a13a4a6adfb638f731e371abbbf25817697jaspervdg       [<code class="option">-h</code>]
8a507a13a4a6adfb638f731e371abbbf25817697jaspervdg       [<code class="option">-V</code>]
8a507a13a4a6adfb638f731e371abbbf25817697jaspervdg   </p></div>
8a507a13a4a6adfb638f731e371abbbf25817697jaspervdg  </div>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz
8a507a13a4a6adfb638f731e371abbbf25817697jaspervdg  <div class="refsection">
8a507a13a4a6adfb638f731e371abbbf25817697jaspervdg<a name="id-1.14.9.7"></a><h2>DESCRIPTION</h2>
8a507a13a4a6adfb638f731e371abbbf25817697jaspervdg
8a507a13a4a6adfb638f731e371abbbf25817697jaspervdg    <p><span class="command"><strong>dnssec-dsfromkey</strong></span>
8a507a13a4a6adfb638f731e371abbbf25817697jaspervdg      outputs the Delegation Signer (DS) resource record (RR), as defined in
8a507a13a4a6adfb638f731e371abbbf25817697jaspervdg      RFC 3658 and RFC 4509, for the given key(s).
8a507a13a4a6adfb638f731e371abbbf25817697jaspervdg    </p>
8a507a13a4a6adfb638f731e371abbbf25817697jaspervdg  </div>
8a507a13a4a6adfb638f731e371abbbf25817697jaspervdg
8a507a13a4a6adfb638f731e371abbbf25817697jaspervdg  <div class="refsection">
8a507a13a4a6adfb638f731e371abbbf25817697jaspervdg<a name="id-1.14.9.8"></a><h2>OPTIONS</h2>
8a507a13a4a6adfb638f731e371abbbf25817697jaspervdg
8a507a13a4a6adfb638f731e371abbbf25817697jaspervdg
8a507a13a4a6adfb638f731e371abbbf25817697jaspervdg    <div class="variablelist"><dl class="variablelist">
8a507a13a4a6adfb638f731e371abbbf25817697jaspervdg<dt><span class="term">-1</span></dt>
8a507a13a4a6adfb638f731e371abbbf25817697jaspervdg<dd>
8a507a13a4a6adfb638f731e371abbbf25817697jaspervdg      <p>
8a507a13a4a6adfb638f731e371abbbf25817697jaspervdg        Use SHA-1 as the digest algorithm (the default is to use
8a507a13a4a6adfb638f731e371abbbf25817697jaspervdg        both SHA-1 and SHA-256).
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz      </p>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz    </dd>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz<dt><span class="term">-2</span></dt>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz<dd>
8a507a13a4a6adfb638f731e371abbbf25817697jaspervdg      <p>
8a507a13a4a6adfb638f731e371abbbf25817697jaspervdg        Use SHA-256 as the digest algorithm.
8a507a13a4a6adfb638f731e371abbbf25817697jaspervdg      </p>
8a507a13a4a6adfb638f731e371abbbf25817697jaspervdg    </dd>
8a507a13a4a6adfb638f731e371abbbf25817697jaspervdg<dt><span class="term">-a <em class="replaceable"><code>algorithm</code></em></span></dt>
8a507a13a4a6adfb638f731e371abbbf25817697jaspervdg<dd>
8a507a13a4a6adfb638f731e371abbbf25817697jaspervdg      <p>
8a507a13a4a6adfb638f731e371abbbf25817697jaspervdg        Select the digest algorithm. The value of
8a507a13a4a6adfb638f731e371abbbf25817697jaspervdg        <code class="option">algorithm</code> must be one of SHA-1 (SHA1),
8a507a13a4a6adfb638f731e371abbbf25817697jaspervdg        SHA-256 (SHA256), GOST or SHA-384 (SHA384).
8a507a13a4a6adfb638f731e371abbbf25817697jaspervdg        These values are case insensitive.
8a507a13a4a6adfb638f731e371abbbf25817697jaspervdg      </p>
8a507a13a4a6adfb638f731e371abbbf25817697jaspervdg    </dd>
8a507a13a4a6adfb638f731e371abbbf25817697jaspervdg<dt><span class="term">-C</span></dt>
8a507a13a4a6adfb638f731e371abbbf25817697jaspervdg<dd>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz      <p>
8a507a13a4a6adfb638f731e371abbbf25817697jaspervdg        Generate CDS records rather than DS records.  This is mutually
8a507a13a4a6adfb638f731e371abbbf25817697jaspervdg        exclusive with generating lookaside records.
8a507a13a4a6adfb638f731e371abbbf25817697jaspervdg      </p>
8a507a13a4a6adfb638f731e371abbbf25817697jaspervdg    </dd>
8a507a13a4a6adfb638f731e371abbbf25817697jaspervdg<dt><span class="term">-T <em class="replaceable"><code>TTL</code></em></span></dt>
8a507a13a4a6adfb638f731e371abbbf25817697jaspervdg<dd>
8a507a13a4a6adfb638f731e371abbbf25817697jaspervdg      <p>
8a507a13a4a6adfb638f731e371abbbf25817697jaspervdg        Specifies the TTL of the DS records.
8a507a13a4a6adfb638f731e371abbbf25817697jaspervdg      </p>
8a507a13a4a6adfb638f731e371abbbf25817697jaspervdg      </dd>
8a507a13a4a6adfb638f731e371abbbf25817697jaspervdg<dt><span class="term">-K <em class="replaceable"><code>directory</code></em></span></dt>
8a507a13a4a6adfb638f731e371abbbf25817697jaspervdg<dd>
8a507a13a4a6adfb638f731e371abbbf25817697jaspervdg      <p>
8a507a13a4a6adfb638f731e371abbbf25817697jaspervdg        Look for key files (or, in keyset mode,
8a507a13a4a6adfb638f731e371abbbf25817697jaspervdg        <code class="filename">keyset-</code> files) in
8a507a13a4a6adfb638f731e371abbbf25817697jaspervdg        <code class="option">directory</code>.
8a507a13a4a6adfb638f731e371abbbf25817697jaspervdg      </p>
8a507a13a4a6adfb638f731e371abbbf25817697jaspervdg    </dd>
8a507a13a4a6adfb638f731e371abbbf25817697jaspervdg<dt><span class="term">-f <em class="replaceable"><code>file</code></em></span></dt>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz<dd>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz      <p>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz        Zone file mode: in place of the keyfile name, the argument is
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz        the DNS domain name of a zone master file, which can be read
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz        from <code class="option">file</code>.  If the zone name is the same as
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz        <code class="option">file</code>, then it may be omitted.
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz      </p>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz      <p>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz        If <code class="option">file</code> is set to <code class="literal">"-"</code>, then
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz        the zone data is read from the standard input.  This makes it
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz        possible to use the output of the <span class="command"><strong>dig</strong></span>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz        command as input, as in:
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz      </p>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz      <p>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz        <strong class="userinput"><code>dig dnskey example.com | dnssec-dsfromkey -f - example.com</code></strong>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz      </p>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz    </dd>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz<dt><span class="term">-A</span></dt>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz<dd>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz          <p>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz            Include ZSKs when generating DS records.  Without this option,
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz            only keys which have the KSK flag set will be converted to DS
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz            records and printed.  Useful only in zone file mode.
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz          </p>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz        </dd>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz<dt><span class="term">-l <em class="replaceable"><code>domain</code></em></span></dt>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz<dd>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz      <p>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz        Generate a DLV set instead of a DS set.  The specified
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz        <code class="option">domain</code> is appended to the name for each
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz        record in the set.
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz        The DNSSEC Lookaside Validation (DLV) RR is described
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz        in RFC 4431.  This is mutually exclusive with generating
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz        CDS records.
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz      </p>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz    </dd>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz<dt><span class="term">-s</span></dt>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz<dd>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz      <p>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz        Keyset mode: in place of the keyfile name, the argument is
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz        the DNS domain name of a keyset file.
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz      </p>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz    </dd>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz<dt><span class="term">-c <em class="replaceable"><code>class</code></em></span></dt>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz<dd>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz      <p>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz        Specifies the DNS class (default is IN).  Useful only
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz        in keyset or zone file mode.
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz      </p>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz      </dd>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz<dt><span class="term">-v <em class="replaceable"><code>level</code></em></span></dt>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz<dd>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz      <p>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz        Sets the debugging level.
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz      </p>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz    </dd>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz<dt><span class="term">-h</span></dt>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz<dd>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz      <p>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz        Prints usage information.
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz      </p>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz    </dd>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz<dt><span class="term">-V</span></dt>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz<dd>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz      <p>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz        Prints version information.
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz      </p>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz    </dd>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz</dl></div>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz  </div>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz  <div class="refsection">
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz<a name="id-1.14.9.9"></a><h2>EXAMPLE</h2>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz    <p>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz      To build the SHA-256 DS RR from the
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz      <strong class="userinput"><code>Kexample.com.+003+26160</code></strong>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz      keyfile name, the following command would be issued:
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz    </p>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz    <p><strong class="userinput"><code>dnssec-dsfromkey -2 Kexample.com.+003+26160</code></strong>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz    </p>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz    <p>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz      The command would print something like:
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz    </p>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz    <p><strong class="userinput"><code>example.com. IN DS 26160 5 2 3A1EADA7A74B8D0BA86726B0C227AA85AB8BBD2B2004F41A868A54F0 C5EA0B94</code></strong>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz    </p>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz  </div>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz  <div class="refsection">
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz<a name="id-1.14.9.10"></a><h2>FILES</h2>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz    <p>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz      The keyfile can be designed by the key identification
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz      <code class="filename">Knnnn.+aaa+iiiii</code> or the full file name
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz      <code class="filename">Knnnn.+aaa+iiiii.key</code> as generated by
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz      <span class="refentrytitle">dnssec-keygen</span>(8).
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz    </p>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz    <p>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz      The keyset file name is built from the <code class="option">directory</code>,
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz      the string <code class="filename">keyset-</code> and the
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz      <code class="option">dnsname</code>.
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz    </p>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz  </div>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz  <div class="refsection">
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz<a name="id-1.14.9.11"></a><h2>CAVEAT</h2>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz    <p>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz      A keyfile error can give a "file not found" even if the file exists.
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz    </p>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz  </div>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz  <div class="refsection">
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz<a name="id-1.14.9.12"></a><h2>SEE ALSO</h2>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz    <p><span class="citerefentry">
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz    <span class="refentrytitle">dnssec-keygen</span>(8)
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz      </span>,
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz      <span class="citerefentry">
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz    <span class="refentrytitle">dnssec-signzone</span>(8)
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz      </span>,
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz      <em class="citetitle">BIND 9 Administrator Reference Manual</em>,
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz      <em class="citetitle">RFC 3658</em>,
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz      <em class="citetitle">RFC 4431</em>.
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz      <em class="citetitle">RFC 4509</em>.
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz    </p>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz  </div>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz</div>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz<div class="navfooter">
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz<hr>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz<table width="100%" summary="Navigation footer">
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz<tr>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz<td width="40%" align="left">
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz<a accesskey="p" href="man.dnssec-coverage.html">Prev</a>�</td>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz<td width="20%" align="center"><a accesskey="u" href="Bv9ARM.ch13.html">Up</a></td>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz<td width="40%" align="right">�<a accesskey="n" href="man.dnssec-importkey.html">Next</a>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz</td>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz</tr>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz<tr>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz<td width="40%" align="left" valign="top">
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz<span class="application">dnssec-coverage</span>�</td>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz<td width="20%" align="center"><a accesskey="h" href="Bv9ARM.html">Home</a></td>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz<td width="40%" align="right" valign="top">�<span class="application">dnssec-importkey</span>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz</td>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz</tr>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz</table>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz</div>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.11.2</p>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz</body>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz</html>
e69f7d715a3db7f1fff1c8334714c8fab63852abjoncruz