ods-hsmutil - OpenDNSSEC HSM utility
Commands
login If there is no PIN in conf.xml, then this command will ask for it and log in. The PINs are stored
in shared memory and are accessible to the other daemons.
logout Will erase the semaphore and the shared memory containing any credentials. Authenticated
processes will still be able to interact with the HSM.
list [repository]
List the keys that are available in all or one repository
generate repository rsa|dsa|gost|ecdsa [keysize]
Generate a new key with the given keysize in the repository. Note that GOST has a fixed key size
and that ECDSA has two supported curves, P-256 and P-384. In the case of ECDSA, use 256 or 384 as
the keysize.
remove id
Delete the key with the given id
purge repository
Delete all keys in one repository
dnskey id name type algo
Create a DNSKEY RR for the given owner name based on the key with this id. The type will indicate
if it is a KSK (257) or ZSK (256). Please use the numerical value. The algo, a value from the IANA
repository, must match the algorithm of the key.
test repository
Perform a number of tests on a repository
info Show detailed information about all repositories
Description
The ods-hsmutil utility is mainly used for debugging or testing. It is designed to interact directly with
your HSM and can be used to manually list, create or delete keys. It can also be used to perform a set of
basic HSM tests. Be careful before creating or deleting keys using ods-hsmutil, as the changes are not
synchronized with the KASP Enforcer.
The repositories are configured by the user in the OpenDNSSEC configuration file. The configuration
contains the name of the repository, the token label, the user PIN, and the path to its shared library.
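An added example, not part of the original manual page or the OpenDNSSEC project: a Python check that reports, per repository, whether conf.xml holds a PIN (so that login will not prompt) and whether a file holding one is readable beyond its owner. The element names (Repository, Module, TokenLabel, PIN) follow the OpenDNSSEC conf.xml layout and, like the sample values, are assumptions not shown on this page.

```python
import os
import stat
import tempfile
import xml.etree.ElementTree as ET

# Constructed sample; element names are assumed from the OpenDNSSEC conf.xml layout.
SAMPLE_CONF = """<Configuration>
  <RepositoryList>
    <Repository name="softhsm">
      <Module>/usr/lib/softhsm/libsofthsm2.so</Module>
      <TokenLabel>OpenDNSSEC</TokenLabel>
      <PIN>example-pin</PIN>
    </Repository>
    <Repository name="offline-ksk">
      <Module>/opt/vendor/lib/libpkcs11.so</Module>
      <TokenLabel>KSK</TokenLabel>
    </Repository>
  </RepositoryList>
</Configuration>"""


def audit_conf(path):
    """Return (repositories, findings) for one configuration file."""
    mode = stat.S_IMODE(os.stat(path).st_mode)
    repos, findings = [], []
    for repo in ET.parse(path).getroot().iter("Repository"):
        name = repo.get("name", "?")
        pin = (repo.findtext("PIN") or "").strip()
        # Record only whether a PIN is present; never keep or print the PIN itself.
        repos.append({"name": name, "token_label": repo.findtext("TokenLabel"),
                      "module": repo.findtext("Module"), "pin_in_file": bool(pin)})
        if not pin:
            findings.append(f"{name}: no PIN in file, 'ods-hsmutil login' will prompt for it")
        elif mode & (stat.S_IRGRP | stat.S_IROTH):
            findings.append(f"{name}: PIN stored in a file readable by group/other (mode {mode:04o})")
    return repos, findings


def demo(mode):
    """Write the constructed sample with the given file mode and audit it."""
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, "conf.xml")
        with open(path, "w") as fh:
            fh.write(SAMPLE_CONF)
        os.chmod(path, mode)
        return audit_conf(path)


if __name__ == "__main__":
    for line in demo(0o644)[1]:
        print(line)
```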
Name
ods-hsmutil - OpenDNSSEC HSM utility
Options
-c config
Path to an OpenDNSSEC configuration file
(defaults to /etc/opendnssec/conf.xml)
-h Show the help screen
-v Output more information by increasing the verbosity level
See Also
ods-control(8), ods-enforcerd(8), ods-hsmspeed(1), ods-kaspcheck(1), ods-signer(8), ods-signerd(8), ods-enforcer(8), ods-timing(5), ods-kasp(5), opendnssec(7), http://www.opendnssec.org/
Synopsis
ods-hsmutil [-c config] [-v] command [options]
