Scroll to navigation

PYKEYMGR(8) Knot DNS PYKEYMGR(8)

NAME

pykeymgr - Knot DNS key management utility

SYNOPSIS

pykeymgr [global-options] [command...] [arguments...]

DESCRIPTION

The pykeymgr utility serves for key management in Knot DNS server.

Functions for DNSSEC keys and KASP (Key And Signature Policy) management are provided.

The DNSSEC and KASP configuration is stored in a so called KASP database. The database is backed by LMDB.

The utility requires installed python LMDB module, installed e.g. by:

$ pip install lmdb


Global options

-f, --force
Skip some of consistency checks and continue with performed action with a warning.
-h, --help
Print the program help.

Main commands

-i, --import KASP_db_dir
Import the legacy JSON-format KASP database into the current LMDB-backed one. (You can import multiple databases at once by repeating this option.)

Parameters

KASP_db_dir
A path to the KASP db. It is the directory where data.mdb and lock.mdb files are usually stored as well as legacy JSON configuration and keys subdirectory containing PEM files.

EXAMPLES

1.
Import legacy JSON-based KASP db from Knot 2.4.x after upgrade:

$ pykemgr -i ${knot_data_dir}/keys



SEE ALSO

RFC 6781 - DNSSEC Operational Practices.

knot.conf(5), knotc(8), knotd(8).

AUTHOR

CZ.NIC Labs <http://www.knot-dns.cz>

COPYRIGHT

Copyright 2010–2018, CZ.NIC, z.s.p.o.
2018-02-12 2.6.5