1LSDNSSEC(1)           User Contributed Perl Documentation          LSDNSSEC(1)
2
3
4

NAME

6       lsdnssec - List DNSSEC components of zones from files or directories
7

SYNOPSIS

9         lsdnssec [-d 1-9] [OPTIONS] [FILES OR DIRECTORIES...]
10

DESCRIPTION

12       The lsdnssec program summarizes information about DNSSEC-related files.
13       These files may be specified on the command line or found in
14       directories that were given on the command line.  The -d flag controls
15       the amount of detail in the lsdnssec output.
16
17       lsdnssec displays the following information about each zone for which
18       it collects information:
19
20       keys
21           Key information is shown about the keys currently in use.  A bar
22           graph is included that shows the age of the key with respect to the
23           configured expected key-life time.
24
25           This information is collected from any .krf files lsdnssec finds.
26
27       rolling status
28           If any zone keys are being rolled via rollerd, then the status of
29           the rolling state is shown.  The time needed to reach the next
30           state is also displayed.
31
32           This information is collected from any .rollrec files found by
33           lsdnssec.
34

OPTIONS

36       -z ZONENAME1[,ZONENAME2]
37       --zone=ZONENAME1[,ZONENAME2]
38           Only prints information about the named zone(s).
39
40       -p NUMBER
41       --phase=NUMBER
42           Only prints information about zones currently being rolled by
43           rollerd and where either a zsk or a ksk rollover is taking place
44           and is in phase NUMBER.
45
46           If the phase NUMBER is specified as 0, then any zone in any rolling
47           phase will be printed (but not zones that aren't being rolled at
48           all).
49
50           This flag is especially useful to find all of your zones that are
51           currently in KSK rolling phase 6, which requires operator
52           intervention to propegate the new DS records into the parent zone.
53
54       -r
55       --roll-status
56           Show only rolling information from the rollrec files.  By default
57           both roll-state and key information is shown.
58
59       -k
60       --key-data
61           Show only keying information from the krf files.  By default both
62           roll-state and key information is shown.
63
64       -K
65       --key-gen-time
66           Normally rollerd calculates the age of a key based on the last time
67           a key was rolled.  However, it's also possible to calculate the age
68           of a key based on the different between now and when it was created
69           (which was typically before the rolling began).  The -K flag
70           switches to this second mode of key age calculation (which will not
71           match how rollerd actually performs).
72
73       -d 1-9
74       --detail 1-9
75           Controls the amount of information shown in the output.  A level of
76           9 shows everything; a level of 1 shows a minimal amount.  The
77           default level is 5.
78
79       --debug
80           Turns on extra debugging information.
81

83       Copyright 2009-2011 SPARTA, Inc.  All rights reserved.  See the COPYING
84       file included with the DNSSEC-Tools package for details.
85

AUTHOR

87       Wes Hardaker <hardaker AT AT AT users.sourceforge.net>
88

SEE ALSO

90       lskrf(1)
91
92       zonesigner(8), rollerd(8)
93
94
95
96perl v5.12.4                      2011-10-12                       LSDNSSEC(1)
Impressum