Bug#332988: bind9: dnssec-keygen ignores -n options

Sun, 09 Oct 2005 15:18:04 -0700 

Package: bind9
Version: 1:9.3.1-2
Severity: normal

dnssec-keygen reject valid options to the -n (nametype) option.
Case of the parameter doesn't matter.  This makes dnssec-keygen useless for
individual host key authentication.
Recompiling from source (dpkg-src install) does not resolve the problem.



? dnssec-keygen -n host -a RSAMD5 -b 2048 hostname.tld
dnssec-keygen: invalid DNSKEY nametype host

? dnssec-keygen -n user -a RSAMD5 -b 2048 hostname.tld
dnssec-keygen: invalid DNSKEY nametype user

? dnssec-keygen -n USER -a RSAMD5 -b 2048 hostname.tld
dnssec-keygen: invalid DNSKEY nametype USER

? dnssec-keygen -help
Usage:
    dnssec-keygen -a alg -b bits -n type [options] name

Version: 9.3.1
Required options:
    -a algorithm: RSA | RSAMD5 | DH | DSA | RSASHA1 | HMAC-MD5
    -b key size, in bits:
        RSAMD5:         [512..4096]
        RSASHA1:                [512..4096]
        DH:             [128..4096]
        DSA:            [512..1024] and divisible by 64
        HMAC-MD5:       [1..512]
    -n nametype: ZONE | HOST | ENTITY | USER | OTHER
    name: owner of the key
Other options:
    -c <class> (default: IN)
    -e use large exponent (RSAMD5/RSASHA1 only)
    -f keyflag: KSK
    -g <generator> use specified generator (DH only)
    -t <type>: AUTHCONF | NOAUTHCONF | NOAUTH | NOCONF (default: AUTHCONF)
    -p <protocol>: default: 3 [dnssec]
    -s <strength> strength value this key signs DNS records with (default: 0)
    -r <randomdev>: a file containing random data
    -v <verbose level>
    -k : generate a TYPE=KEY key
Output:
     K<name>+<alg>+<id>.key, K<name>+<alg>+<id>.private


-- System Information:
Debian Release: testing/unstable
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'stable')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.12-gentoo-r6
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)

Versions of packages bind9 depends on:
ii  adduser                       3.67.2     Add and remove users and groups
ii  libbind9-0                    1:9.3.1-2  BIND9 Shared Library used by BIND
ii  libc6                         2.3.5-6    GNU C Library: Shared libraries an
ii  libdns20                      1:9.3.1-2  DNS Shared Library used by BIND
ii  libisc9                       1:9.3.1-2  ISC Shared Library used by BIND
ii  libisccc0                     1:9.3.1-2  Command Channel Library used by BI
ii  libisccfg1                    1:9.3.1-2  Config File Handling Library used 
ii  liblwres1                     1:9.3.1-2  Lightweight Resolver Library used 
ii  libssl0.9.7                   0.9.7g-3   SSL shared libraries
ii  netbase                       4.22       Basic TCP/IP networking system

bind9 recommends no packages.

-- no debconf information


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Reply via email to