ComputerSurge/bind9
3
0
Fork 0
Code Pull Requests 1 Activity

Allow dig to SIG(0) sign a message

Browse Source
This commit is contained in:
Mark Andrews
2022-03-14 13:43:07 +11:00
committed by Petr Špaček
parent c127a2aefc
commit 4d248ee78e
3 changed files with 46 additions and 24 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
doc/man/dig.1in
View File

@@ -153,12 +153,14 @@ Print a usage summary.
.INDENT 0.0
.TP
.B \-k keyfile
This option tells \fI\%named\fP to sign queries using TSIG using a key read from the given file. Key
files can be generated using \fI\%tsig\-keygen\fP\&. When using TSIG
authentication with \fBdig\fP, the name server that is queried needs to
know the key and algorithm that is being used. In BIND, this is done
by providing appropriate \fBkey\fP and \fBserver\fP statements in
\fI\%named.conf\fP\&.
This option tells \fBdig\fP to sign queries using TSIG or
SIG(0) using a key read from the given file. Key files can be
generated using \fI\%tsig\-keygen\fP\&. When using TSIG authentication
with \fBdig\fP, the name server that is queried needs to
know the key and algorithm that is being used. In BIND, this is
done by providing appropriate \fBkey\fP and \fBserver\fP statements
in \fI\%named.conf\fP for TSIG and by looking up the KEY record
in zone data for SIG(0).
.UNINDENT
.INDENT 0.0
.TP