>> dnssec-keygen reject valid options to the -n (nametype) option. >> ? dnssec-keygen -n host -a RSAMD5 -b 2048 hostname.tld >> dnssec-keygen: invalid DNSKEY nametype host
> By using a different algorithm I'm able to get it to generate HOST keys. You may also maintain your algorithm of choice and instead force the generation of KEY records (rather than DNSKEY records) by using the -k option.
signature.asc
Description: OpenPGP digital signature
