Skip to main content

You're viewing an archived page. It is no longer being updated.


This content is only available for historical reference.




This is a little utility to create a conguration file for the DNSSECMAINT key management suite.

The program presents configuration options with a small explanation and presents a default value.

one can always type 'exit' to terminate the program.


Here follows and example session

$ bert >dnssecmaint-config

$ bert >

    This is a program to write Net::DNS::SEC::Maint configuration files. 
    It is typically used at install time or to create alternative configurations.
    Type 'exit' to leave the program.
    conffile specifies where the configuration file can be found
    conffile is set to /usr/local/etc/dnssecmaint.conf
    Enter value for conffile>/spool/olaf/etc/dnssecmaint.conf
    dns_key_db Path to the directory in which the key database is kept
    dns_key_db is set to /usr/local/var/dnssec_maint/DNS_Key_DB
    Enter value for dns_key_db>/usr/local/var/dnssec_maint/DNS_Key_DB
    dnssec_keygen full path to BIND's dnssec-keygen command with optional arguments
    This vallue is currently set using the DNSSECMAINT_DNSSEC_KEYGEN
    dnssec_keygen is set to /home/olaf/sbin/dnssec-keygen -r /dev/urandom 
    Enter value for dnssec_keygen>/home/olaf/sbin/dnssec-keygen -r /dev/urandom 
    dnssec_signzone full path to BIND's dnssec-signzone command with optional argume
    This vallue is currently set using the DNSSECMAINT_DNSSEC_SIGNZONE
    dnssec_signzone is set to /home/olaf/sbin/dnssec-signzone -r /dev/urandom 
    Enter value for dnssec_signzone>/home/olaf/sbin/dnssec-signzone -r /dev/urandom 
    dsakeysizekey Default size for DSA Key Signing Keys
    dsakeysizekey is set to 1024
    Enter value for dsakeysizekey>1024
    dsakeysizezone Default size for DSA Zone Signing Keys
    dsakeysizezone is set to 512
    Enter value for dsakeysizezone>512
    logdir specifies the directory under logfiles are stored
    logdir is set to /usr/local/var/dnssec_maint/log
    Enter value for logdir>/usr/local/var/dnssec_maint/log
    maintgroup Name of group that has R/W access to the dnssecmt
    maintgroup is set to dnssecmt
    Enter value for maintgroup>dnssecmt
    rsakeysizekey Default size for RSA Key Signing Keys
    rsakeysizekey is set to 2048
    Enter value for rsakeysizekey>2048
    rsakeysizezone Default size for RSA Zone Signing Keys
    rsakeysizezone is set to 768
    Enter value for rsakeysizezone>768
    tmpdir Path to the directory in which temporary files are stored
    tmpdir is set to /tmp/
    Enter value for tmpdir>/tmp/
    Save configuration file to:/spool/olaf/etc/dnssecmaint.conf? (yes|no)>yes
    To use this configuration file you have to set DNSSECMAINT_CONFFILE=/spool/olaf/
    dnssecmt is an unknown group
    Please add the group to /etc/group or