About RIPE NCC | Contact  | Search | Sitemap    
Homepage RIPE NCC  
Deployment of Internet Security Infrastructures
     
Next Sectionyou are here: home -> RIPE NCC projects -> DISI
DISI:
RIPE NCC Navigation Ends
DISI Homepage DISI Home Page
DISI Documents DISI Documents
DISI Tools DISI Tools
DISI related projects and links DISI related projects
and links
RIPE NCC Navigation Ends
Next Section

SYNOPSIS

    dnssec-copyprivate

DESCRIPTION

This is a little utility to create a conguration file for the DNSSECMAINT key management suite.

The program presents configuration options with a small explanation and presents a default value.

one can always type 'exit' to terminate the program.

EXAMPLE

Here follows and example session

$ bert >dnssecmaint-config

$ bert >

    This is a program to write Net::DNS::SEC::Maint configuration files. 
    It is typically used at install time or to create alternative configurations.
    Type 'exit' to leave the program.
    ----
    conffile specifies where the configuration file can be found
    conffile is set to /usr/local/etc/dnssecmaint.conf
    Enter value for conffile>/spool/olaf/etc/dnssecmaint.conf
    ----
    dns_key_db Path to the directory in which the key database is kept
    dns_key_db is set to /usr/local/var/dnssec_maint/DNS_Key_DB
    Enter value for dns_key_db>/usr/local/var/dnssec_maint/DNS_Key_DB
    ----
    dnssec_keygen full path to BIND's dnssec-keygen command with optional arguments
    This vallue is currently set using the DNSSECMAINT_DNSSEC_KEYGEN
    dnssec_keygen is set to /home/olaf/sbin/dnssec-keygen -r /dev/urandom 
    Enter value for dnssec_keygen>/home/olaf/sbin/dnssec-keygen -r /dev/urandom 
    ----
    dnssec_signzone full path to BIND's dnssec-signzone command with optional argume
    nts
    This vallue is currently set using the DNSSECMAINT_DNSSEC_SIGNZONE
    dnssec_signzone is set to /home/olaf/sbin/dnssec-signzone -r /dev/urandom 
    Enter value for dnssec_signzone>/home/olaf/sbin/dnssec-signzone -r /dev/urandom 
    ----
    dsakeysizekey Default size for DSA Key Signing Keys
    dsakeysizekey is set to 1024
    Enter value for dsakeysizekey>1024
    ----
    dsakeysizezone Default size for DSA Zone Signing Keys
    dsakeysizezone is set to 512
    Enter value for dsakeysizezone>512
    ----
    logdir specifies the directory under logfiles are stored
    logdir is set to /usr/local/var/dnssec_maint/log
    Enter value for logdir>/usr/local/var/dnssec_maint/log
    ----
    maintgroup Name of group that has R/W access to the dnssecmt
    maintgroup is set to dnssecmt
    Enter value for maintgroup>dnssecmt
    ----
    rsakeysizekey Default size for RSA Key Signing Keys
    rsakeysizekey is set to 2048
    Enter value for rsakeysizekey>2048
    ----
    rsakeysizezone Default size for RSA Zone Signing Keys
    rsakeysizezone is set to 768
    Enter value for rsakeysizezone>768
    ----
    tmpdir Path to the directory in which temporary files are stored
    tmpdir is set to /tmp/
    Enter value for tmpdir>/tmp/
    Save configuration file to:/spool/olaf/etc/dnssecmaint.conf? (yes|no)>yes
    To use this configuration file you have to set DNSSECMAINT_CONFFILE=/spool/olaf/
    etc/dnssecmaint.conf
    dnssecmt is an unknown group
    Please add the group to /etc/group or
RELATED TOPICS


 

Next Section
     About RIPE NCC | Service Announcements | Site Map | LIR Portal | About RIPE | Contact | © RIPE NCC. All rights reserved.
RIPE NCC Homepage Go to the RIPE NCC LIRPortal Go to the RIPE Community pages