ZSK syntax problems bind9.7.1P2
Martin McCormick
martin at dc.cis.okstate.edu
Fri Dec 3 20:55:22 UTC 2010
I am signing a test zone of okstate.edu and am having some
trouble with the command. The KSK went fine but when I try:
dnssec-keygen -K /var/named/etc/namedb/dynamic/okstate.edu -s 7 RSASHA1 -b 1024 -n ZONE okstate.edu
I get:
dnssec-keygen: fatal: extraneous arguments
Originally, the example I had used had no value after
-s, but that produced a very informative error telling me I
needed a number from 0 to 15. A look at the man page says this
number apparently does nothing quite yet, but it is a strength
value so one day, it may obfuscate the key, but right now, it is
a place holder. So, what should I have in that particular
command to make it generate the ZSK?
Thank you.
Martin McCormick
More information about the bind-users
mailing list