convert python tools' man pages to RST
This commit is contained in:
Evan Hunt
Ondřej Surý
67
bin/python/dnssec-checkds.rst
Normal file
67
bin/python/dnssec-checkds.rst
Normal file
@@ -0,0 +1,67 @@
|
||||
..
|
||||
Copyright (C) Internet Systems Consortium, Inc. ("ISC")
|
||||
|
||||
This Source Code Form is subject to the terms of the Mozilla Public
|
||||
License, v. 2.0. If a copy of the MPL was not distributed with this
|
||||
file, You can obtain one at http://mozilla.org/MPL/2.0/.
|
||||
|
||||
See the COPYRIGHT file distributed with this work for additional
|
||||
information regarding copyright ownership.
|
||||
|
||||
.. highlight: console
|
||||
|
||||
.. _man_dnssec-checkds:
|
||||
|
||||
dnssec-checkds - DNSSEC delegation consistency checking tool
|
||||
------------------------------------------------------------
|
||||
|
||||
Synopsis
|
||||
~~~~~~~~
|
||||
|
||||
``dnssec-checkds`` [**-d**\ *dig path*] [**-D**\ *dsfromkey path*]
|
||||
[**-f**\ *file*] [**-l**\ *domain*] [**-s**\ *file*] {zone}
|
||||
|
||||
Description
|
||||
~~~~~~~~~~~
|
||||
|
||||
``dnssec-checkds`` verifies the correctness of Delegation Signer (DS)
|
||||
resource records for keys in a specified zone.
|
||||
|
||||
Options
|
||||
~~~~~~~
|
||||
|
||||
**-a** *algorithm*
|
||||
|
||||
Specify a digest algorithm to use when converting the zones DNSKEY
|
||||
records to expected DS records. This option can be repeated, so that
|
||||
multiple records are checked for each DNSKEY record.
|
||||
|
||||
The *algorithm* must be one of SHA-1, SHA-256, or SHA-384. These
|
||||
values are case insensitive, and the hyphen may be omitted. If no
|
||||
algorithm is specified, the default is SHA-256.
|
||||
|
||||
**-f** *file*
|
||||
|
||||
If a ``file`` is specified, then the zone is read from that file to
|
||||
find the DNSKEY records. If not, then the DNSKEY records for the zone
|
||||
are looked up in the DNS.
|
||||
|
||||
**-s** *file*
|
||||
|
||||
Specifies a prepared dsset file, such as would be generated by
|
||||
``dnssec-signzone``, to use as a source for the DS RRset instead of
|
||||
querying the parent.
|
||||
|
||||
**-d** *dig path*
|
||||
|
||||
Specifies a path to a ``dig`` binary. Used for testing.
|
||||
|
||||
**-D** *dsfromkey path*
|
||||
|
||||
Specifies a path to a ``dnssec-dsfromkey`` binary. Used for testing.
|
||||
|
||||
See Also
|
||||
~~~~~~~~
|
||||
|
||||
``dnssec-dsfromkey``\ (8), ``dnssec-keygen``\ (8),
|
||||
``dnssec-signzone``\ (8),
|
||||
Reference in New Issue
Block a user