From: Peter van Dijk Date: Mon, 21 Jun 2021 11:30:06 +0000 (+0200) Subject: pdnsutil add-zone-key: clarify ZSK default X-Git-Tag: dnsdist-1.7.0-alpha1~133^2 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=refs%2Fpull%2F10373%2Fhead;p=thirdparty%2Fpdns.git pdnsutil add-zone-key: clarify ZSK default --- diff --git a/docs/manpages/pdnsutil.1.rst b/docs/manpages/pdnsutil.1.rst index 24aed66179..9649979042 100644 --- a/docs/manpages/pdnsutil.1.rst +++ b/docs/manpages/pdnsutil.1.rst @@ -48,8 +48,8 @@ algorithms are supported: activate-zone-key *ZONE* *KEY-ID* Activate a key with id *KEY-ID* within a zone called *ZONE*. -add-zone-key *ZONE* {**KSK**,\ **ZSK**} [**active**,\ **inactive**] [**published**,\ **unpublished**] *KEYBITS* *ALGORITHM* - Create a new key for zone *ZONE*, and make it a KSK or a ZSK, with +add-zone-key *ZONE* [**KSK**,\ **ZSK**] [**active**,\ **inactive**] [**published**,\ **unpublished**] *KEYBITS* *ALGORITHM* + Create a new key for zone *ZONE*, and make it a KSK or a ZSK (default), with the specified algorithm. The key is inactive by default, set it to **active** to immediately use it to sign *ZONE*. The key is published in the zone by default, set it to **unpublished** to keep it from diff --git a/pdns/pdnsutil.cc b/pdns/pdnsutil.cc index a5c99b19d0..f27a449c08 100644 --- a/pdns/pdnsutil.cc +++ b/pdns/pdnsutil.cc @@ -2673,7 +2673,7 @@ try else if (cmds.at(0) == "add-zone-key") { if(cmds.size() < 3 ) { - cerr << "Syntax: pdnsutil add-zone-key ZONE zsk|ksk [BITS] [active|inactive] [rsasha1|rsasha1-nsec3-sha1|rsasha256|rsasha512|ecdsa256|ecdsa384"; + cerr << "Syntax: pdnsutil add-zone-key ZONE [zsk|ksk] [BITS] [active|inactive] [rsasha1|rsasha1-nsec3-sha1|rsasha256|rsasha512|ecdsa256|ecdsa384"; #if defined(HAVE_LIBSODIUM) || defined(HAVE_LIBDECAF) || defined(HAVE_LIBCRYPTO_ED25519) cerr << "|ed25519"; #endif @@ -2681,6 +2681,8 @@ try cerr << "|ed448"; #endif cerr << "]"<