EnglishFrenchSpanish

Ad


OnWorks favicon

lsdnssecp - Online in the Cloud

Run lsdnssecp in OnWorks free hosting provider over Ubuntu Online, Fedora Online, Windows online emulator or MAC OS online emulator

This is the command lsdnssecp that can be run in the OnWorks free hosting provider using one of our multiple free online workstations such as Ubuntu Online, Fedora Online, Windows online emulator or MAC OS online emulator

PROGRAM:

NAME


lsdnssec - List DNSSEC components of zones from files or directories

SYNOPSIS


lsdnssec [-d 1-9] [OPTIONS] [FILES OR DIRECTORIES...]

DESCRIPTION


The lsdnssec program summarizes information about DNSSEC-related files. These files may
be specified on the command line or found in directories that were given on the command
line. The -d flag controls the amount of detail in the lsdnssec output.

lsdnssec displays the following information about each zone for which it collects
information:

keys
Key information is shown about the keys currently in use. A bar graph is included
that shows the age of the key with respect to the configured expected key lifetime.

This information is collected from any .krf files lsdnssec finds.

rolling status
If any zone keys are being rolled via rollerd, then the status of the rolling state is
shown. The time needed to reach the next state is also displayed.

This information is collected from any .rollrec or .rrf files found by lsdnssec.

OPTIONS


-z ZONENAME1[,ZONENAME2]
--zone=ZONENAME1[,ZONENAME2]
Only prints information about the named zone(s).

-p NUMBER
--phase=NUMBER
Only prints information about zones currently being rolled by rollerd and where either
a zsk or a ksk rollover is taking place and is in phase NUMBER.

If the phase NUMBER is specified as 0, then any zone in any rolling phase will be
printed (but not zones that aren't being rolled at all).

This flag is especially useful to find all of your zones that are currently in KSK
rolling phase 6, which requires operator intervention to propagate the new DS records
into the parent zone.

-r
--roll-status
Show only rolling information from the rollrec files. By default both roll-state and
key information is shown.

-k
--key-data
Show only keying information from the krf files. By default both roll-state and key
information is shown.

-K
--key-gen-time
Normally rollerd calculates the age of a key based on the last time a key was rolled.
However, it's also possible to calculate the age of a key based on the difference
between the time of execution and when the key was created (which was typically before
the rolling began). The -K flag switches to this second mode of key age calculation
(which will not match how rollerd actually performs).

-M
--monitor
The -M flag gives an abbreviated version of lsdnssec output that is intended for use
by monitoring systems. It displays the zone name, the rollover phase, and the time
remaining in that phase. This option implicitly sets the -r flag on and sets the
detail level to 1.

-d 1-9
--detail 1-9
Controls the amount of information shown in the output. A level of 9 shows
everything; a level of 1 shows a minimal amount. The default level is 5.

--debug
Turns on extra debugging information.

COPYRIGHT


Copyright 2009-2014 SPARTA, Inc. All rights reserved. See the COPYING file included with
the DNSSEC-Tools package for details.

Use lsdnssecp online using onworks.net services


Free Servers & Workstations

Download Windows & Linux apps

Linux commands

Ad