GNU.WIKI: The GNU/Linux Knowledge Base

  [HOME] [PHP Manual] [HowTo] [ABS] [MAN1] [MAN2] [MAN3] [MAN4] [MAN5] [MAN6] [MAN7] [MAN8] [MAN9]

  [0-9] [Aa] [Bb] [Cc] [Dd] [Ee] [Ff] [Gg] [Hh] [Ii] [Jj] [Kk] [Ll] [Mm] [Nn] [Oo] [Pp] [Qq] [Rr] [Ss] [Tt] [Uu] [Vv] [Ww] [Xx] [Yy] [Zz]


NAME

       opendkim-genkey - DKIM filter key generation tool

SYNOPSIS

       opendkim-genkey [options]

DESCRIPTION

       opendkim-genkey  generates (1) a private key for signing messages using
       opendkim(8) and (2) a DNS TXT record suitable for inclusion in  a  zone
       file  which  publishes  the  matching public key for use by remote DKIM
       verifiers.

       The filenames of these are based  on  the  selector  (see  below);  the
       private  key  will  have a suffix of ".private" and the TXT record will
       have a suffix of ".txt".

       Both long and short names are supported for most options.

OPTIONS

       -a     (--append-domain) Appends the domain name (see -d below) to  the
              label  in  the  generated  TXT  record,  followed  by a trailing
              period.  By default it is assumed the domain  name  is  implicit
              from the context of the zone file, and is therefore not included
              in the output.

       -b bits
              (--bits=n) Specifies the  size  of  the  key,  in  bits,  to  be
              generated.   The  default is 1024 which is the value recommended
              by the DKIM specification.

       -d domain
              (--domain=string) Names the domain which will use this  key  for
              signing.   Currently  only  used  in a comment in the TXT record
              file.  The default is "example.com".

       -D directory
              (--directory=path) Instructs the tool to  change  to  the  named
              directory  prior  to  creating  files.   By  default the current
              directory is used.

       -h algorithms
              (--hash-algorithms=name[:name[...]])  Specifies a list  of  hash
              algorithms which can be used with this key.  By default all hash
              algorithms are allowed.

       --help Print a help message and exit.

       -n note
              (--note=string) Includes arbitrary note text in the key  record.
              By default, no such text is included.

       -r     (--restricted) Restricts the key for use in e-mail signing only.
              The default is to allow the key to be used for any service.

       -s selector
              (--selector=name) Specifies the selector, or name,  of  the  key
              pair generated.  The default is "default".

       -S     (--[no]subdomains)  Disallows subdomain signing by this key.  By
              default the key record will be generated such that verifiers are
              told  subdomain  signing  is  permitted.  Note that for backward
              compatibility reasons, -S means the same as --nosubdomains.

       -t     (--[no]testmode) Indicates the generated key  record  should  be
              tagged  such  that  verifiers  are  aware DKIM is in test at the
              signing domain.

       -v     (--verbose) Increase verbose output.

       -V     (--version) Print version number and exit.

NOTES

       Requires that the openssl(8) binary be installed and in  the  executing
       shell's search path.

VERSION

       This  man  page covers the version of opendkim-genkey that shipped with
       version 2.9.2 of OpenDKIM.

COPYRIGHT

       Copyright (c) 2007, 2008 Sendmail, Inc. and its suppliers.  All  rights
       reserved.

       Copyright  (c) 2009, 2011-2013, The Trusted Domain Project.  All rights
       reserved.

SEE ALSO

       opendkim(8), openssl(8)

       RFC6376 - DomainKeys Identified Mail

                          The Trusted Domain Project        opendkim-genkey(8)



  All copyrights belong to their respective owners. Other content (c) 2014-2018, GNU.WIKI. Please report site errors to webmaster@gnu.wiki.
Page load time: 0.169 seconds. Last modified: November 04 2018 12:49:43.