65 lines
1.7 KiB
Groff
65 lines
1.7 KiB
Groff
.TH ldns-keyfetcher 1 "4 Apr 2006"
|
|
.SH NAME
|
|
ldns-keyfetcher \- retrieve the DNSSEC DNSKEYs for a zone
|
|
.SH SYNOPSIS
|
|
.B ldns-keyfetcher
|
|
[
|
|
.IR OPTIONS
|
|
]
|
|
.IR DOMAIN
|
|
|
|
.SH DESCRIPTION
|
|
\fBldns-keyfetcher\fR is used to retrieve the DNSKEYs of a zone.
|
|
|
|
First it finds all authoritative nameservers of the zone by tracing it from
|
|
the root down. All authoritative nameservers are then queried (using TCP)
|
|
for the DNSKEY RRset of the zone apex. If the results are all the same,
|
|
the key resource record set is printed.
|
|
|
|
|
|
.SH OPTIONS
|
|
\fB-4\fR \fI\fR
|
|
Only use IPv4
|
|
|
|
\fB-6\fR \fI\fR
|
|
Only use IPv6
|
|
|
|
\fB-h\fR \fI\fR
|
|
Show a help text and exit
|
|
|
|
\fB-i\fR
|
|
Insecurer mode; there will only be one query for the DNSKEYS. There will not
|
|
be crosschecking of all authoritative nameservers.
|
|
|
|
\fB-v\fR \fIverbosity\fR
|
|
|
|
Set the verbosity level. The following levels are available:
|
|
|
|
0: default, only print the DNSKEY RRset found, or an error on failure.
|
|
1: Show the nameservers that are queried
|
|
2: Show more info on what is checked
|
|
3: Show the intermediate results (authority and dnskey rrsets)
|
|
4: Print the answer packets that are returned
|
|
|
|
\fB-r\fR \fIfile\fR
|
|
|
|
Use file as the root hints file, should contain A records in presentation
|
|
format. The default is /etc/named.root. You can get this file from
|
|
http://www.internic.net/zones/named.root.
|
|
|
|
\fB-s\fR \fI\fR
|
|
Don't print the keys to stdout, but store them in files.
|
|
|
|
The filenames will be of the format K<file>.+<alg>.+<keytag>.key
|
|
|
|
.SH AUTHOR
|
|
Written by Jelte Jansen for NLnet Labs.
|
|
|
|
.SH REPORTING BUGS
|
|
Report bugs to <ldns-team@nlnetlabs.nl>.
|
|
|
|
.SH COPYRIGHT
|
|
Copyright (C) 2006 NLnet Labs. This is free software. There is NO
|
|
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR
|
|
PURPOSE.
|