logo
Free, unlimited AI code reviews that run on commit
git-lrc git-lrc GitHub Install Now We'd appreciate a star git-lrc - Free, unlimited AI code reviews that run on commit | Product Hunt git-lrc - Free, unlimited AI code reviews that run on commit | Product Hunt

ldns-keyfetcher - retrieve the DNSSEC DNSKEYs for a zone

Author

       Written by Jelte Jansen for NLnet Labs.

Description

ldns-keyfetcher is used to retrieve the DNSKEYs of a zone.

       First  it  finds  all  authoritative  nameservers  of  the  zone  by  tracing  it from the root down. All
       authoritative nameservers are then queried (using TCP) for the DNSKEY RRset of  the  zone  apex.  If  the
       results are all the same, the key resource record set is printed.

Name

       ldns-keyfetcher - retrieve the DNSSEC DNSKEYs for a zone

Options

-4 Only use IPv4

       -6 Only use IPv6

       -h Show a help text and exit

       -i  Insecurer  mode; there will only be one query for the DNSKEYS. There will not be crosschecking of all
       authoritative nameservers.

       -vverbosity

       Set the verbosity level. The following levels are available:

        0: default, only print the DNSKEY RRset found, or an error on failure.
        1: Show the nameservers that are queried
        2: Show more info on what is checked
        3: Show the intermediate results (authority and dnskey rrsets)
        4: Print the answer packets that are returned

       -rfile

       Use file as the root hints file, should  contain  A  records  in  presentation  format.  The  default  is
       /etc/named.root. You can get this file from http://www.internic.net/zones/named.root.

       -s Don't print the keys to stdout, but store them in files.

       The filenames will be of the format K<file>.+<alg>.+<keytag>.key

Reporting Bugs

       Report bugs to <dns-team@nlnetlabs.nl>.

Synopsis

ldns-keyfetcher [ OPTIONS ] DOMAIN

See Also