dnssec-keygen question

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

dnssec-keygen question

Lévai, Dániel
Hi!

Why can't I generate an RSASHA1 key for a host with this command?

$ dnssec-keygen -a RSASHA1 -b 1024 -n HOST <host>
dnssec-keygen: invalid DNSKEY nametype HOST

According to dnssec-keygen(8), the HOST and ENTITY nametypes are valid and
equivalent.

I'm trying to configure A record updates for a host with dynamic ip.

I've read this documentation, and it seemed valid:
http://www.ops.ietf.org/dns/dynupd/secure-ddns-howto.html

Any advices would be appreciated, thanks!


Daniel

--
LIVAI Daniel
PGP key ID = 0x4AC0A4B1
Key fingerprint = D037 03B9 C12D D338 4412  2D83 1373 917A 4AC0 A4B1

Reply | Threaded
Open this post in threaded view
|

Re: dnssec-keygen question

Gabriel Kihlman
LEVAI Daniel <[hidden email]> writes:

> Hi!
>
> Why can't I generate an RSASHA1 key for a host with this command?
>
> $ dnssec-keygen -a RSASHA1 -b 1024 -n HOST <host>
> dnssec-keygen: invalid DNSKEY nametype HOST
>
> According to dnssec-keygen(8), the HOST and ENTITY nametypes are valid and
> equivalent.

HOST and ENTITY options are only valid if you are generating KEY records
(-k).

Like:

$ dnssec-keygen  -a RSASHA1 -b 1024 -k -n HOST somehost  
Ksomehost.+005+30076

/gabriel

Reply | Threaded
Open this post in threaded view
|

Re: dnssec-keygen question

Lévai, Dániel
On Friday 31 July 2009 19.42.48 you wrote:

> LEVAI Daniel <[hidden email]> writes:
> > Hi!
> >
> > Why can't I generate an RSASHA1 key for a host with this command?
> >
> > $ dnssec-keygen -a RSASHA1 -b 1024 -n HOST <host>
> > dnssec-keygen: invalid DNSKEY nametype HOST
> >
> > According to dnssec-keygen(8), the HOST and ENTITY nametypes are valid
> > and equivalent.
>
> HOST and ENTITY options are only valid if you are generating KEY records
> (-k).
>
> Like:
>
> $ dnssec-keygen  -a RSASHA1 -b 1024 -k -n HOST somehost
> Ksomehost.+005+30076

Thanks!


Daniel

--
LIVAI Daniel
PGP key ID = 0x4AC0A4B1
Key fingerprint = D037 03B9 C12D D338 4412  2D83 1373 917A 4AC0 A4B1