tsig-keygen - Man Page

TSIG key generation tool

Synopsis

tsig-keygen [-a algorithm] [-h] [name]

Description

tsig-keygen is an utility that generates keys for use with TSIG (Transaction Signatures) as defined in RFC 2845 <https://datatracker.ietf.org/doc/html/rfc2845.html>. The resulting keys can be used, for example, to secure dynamic DNS updates to a zone, or for the rndc <#std-iscman-rndc> command channel.

A domain name can be specified on the command line to be used as the name of the generated key. If no name is specified, the default is tsig-key.

Options

-a algorithm

This option specifies the algorithm to use for the TSIG key. Available choices are: hmac-md5, hmac-sha1, hmac-sha224, hmac-sha256, hmac-sha384, and hmac-sha512. The default is hmac-sha256. Options are case-insensitive, and the "hmac-" prefix may be omitted.

-h

This option prints a short summary of options and arguments.

See Also

nsupdate(1) <#std-iscman-nsupdate>, named.conf(5) <#std-iscman-named.conf>, named(8) <#std-iscman-named>, BIND 9 Administrator Reference Manual.

Author

Internet Systems Consortium

Referenced By

knsupdate(1), named.conf(5), nsupdate(1).

9.18.48 BIND 9