knsec3hash - Man Page

Simple utility to compute NSEC3 hash

Synopsis

knsec3hash salt algorithm iterations name

knsec3hash algorithm flags iterations salt name

knsec3hash [-h] [-V]

Description

This utility generates a NSEC3 hash for a given domain name and parameters of NSEC3 hash.

Parameters

salt

Specifies a binary salt encoded as a hexadecimal string.

algorithm

Specifies a hashing algorithm by number. Currently, the only supported algorithm is SHA-1 (number 1).

iterations

Specifies the number of additional iterations of the hashing algorithm.

name

Specifies the domain name to be hashed.

flags

Specifies NSEC3 flags as an unsigned integer.

Options

-h,  --help

Print the program help.

-V,  --version

Print the program version. The option -VV makes the program print the compile time configuration summary.

Exit Values

Exit status of 0 means successful operation. Any other exit status indicates an error.

Examples

$ knsec3hash 1 0 10 c01dcafe knot-dns.cz
7PTVGE7QV67EM61ROS9238P5RAKR2DM7 (salt=c01dcafe, hash=1, iterations=10)
$ knsec3hash - 1 0 net
A1RT98BS5QGC9NFI51S9HCI47ULJG6JH (salt=-, hash=1, iterations=0)

See Also

RFC 5155 – DNS Security (DNSSEC) Hashed Authenticated Denial of Existence.

knotc(8), knotd(8).

Author

CZ.NIC Labs <https://www.knot-dns.cz>

Info

2024-10-31 3.4.2 Knot DNS