1ldns-keyfetcher(1) General Commands Manual ldns-keyfetcher(1)
2
6 ldns-keyfetcher - retrieve the DNSSEC DNSKEYs for a zone
7
9 ldns-keyfetcher [ OPTIONS ] DOMAIN
10
13 ldns-keyfetcher is used to retrieve the DNSKEYs of a zone.
14 First it finds all authoritative nameservers of the zone by tracing it
16 from the root down. All authoritative nameservers are then queried
17 (using TCP) for the DNSKEY RRset of the zone apex. If the results are
18 all the same, the key resource record set is printed.
19
23 -4 Only use IPv4
24 -6 Only use IPv6
26 -h Show a help text and exit
28 -i Insecurer mode; there will only be one query for the DNSKEYS. There
30 will not be crosschecking of all authoritative nameservers.
31 -v verbosity
33 Set the verbosity level. The following levels are available:
35 0: default, only print the DNSKEY RRset found, or an error on failure.
37 1: Show the nameservers that are queried
38 2: Show more info on what is checked
39 3: Show the intermediate results (authority and dnskey rrsets)
40 4: Print the answer packets that are returned
41 -r file
43 Use file as the root hints file, should contain A records in presenta‐
45 tion format. The default is /etc/named.root. You can get this file from
46 http://www.internic.net/zones/named.root.
47 -s Don't print the keys to stdout, but store them in files.
49 The filenames will be of the format K<file>.+<alg>.+<keytag>.key
51
54 Written by Jelte Jansen for NLnet Labs.
55
58 Report bugs to <ldns-team@nlnetlabs.nl>.
59
62 Copyright (C) 2006 NLnet Labs. This is free software. There is NO war‐
63 ranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PUR‐
64 POSE.
65 4 Apr 2006 ldns-keyfetcher(1)