knsec3hash – NSEC hash computation utility¶
Synopsis¶
knsec3hash salt algorithm iterations name
knsec3hash algorithm flags iterations salt name
knsec3hash [-h] [-V]
Description¶
This utility generates a NSEC3 hash for a given domain name and parameters of NSEC3 hash.
Parameters¶
- salt
Specifies a binary salt encoded as a hexadecimal string.
- algorithm
Specifies a hashing algorithm by number. Currently, the only supported algorithm is SHA-1 (number 1).
- iterations
Specifies the number of additional iterations of the hashing algorithm.
- name
Specifies the domain name to be hashed.
- flags
Specifies NSEC3 flags as an unsigned integer.
Options¶
- -h, --help
Print the program help.
- -V, --version
Print the program version. The option -VV makes the program print the compile time configuration summary.
Exit values¶
Exit status of 0 means successful operation. Any other exit status indicates an error.
Examples¶
$ knsec3hash 1 0 10 c01dcafe knot-dns.cz
7PTVGE7QV67EM61ROS9238P5RAKR2DM7 (salt=c01dcafe, hash=1, iterations=10)
$ knsec3hash - 1 0 net
A1RT98BS5QGC9NFI51S9HCI47ULJG6JH (salt=-, hash=1, iterations=0)
See Also¶
RFC 5155 – DNS Security (DNSSEC) Hashed Authenticated Denial of Existence.
knotc(8), knotd(8).
