On 2/3/23 05:03, ogar...@moire.org wrote:
I don't suppose you have a similar replacement for my other dependency
on the bind package, dnssec-signzone?
As a command I personally do not know of any replacement. But if you simply use
`dnssec-signzone` to check the DNSSEC status of a domain you can pull online
tools like https://dnssec-analyzer.verisignlabs.com/ (not that it is the best,
but it is something).
I use dnssec to sign domains and I am using ldns to do the leg work (key
creating, zone signing). ldns may have what you want.
I even wrote a little python tool to help manage deployment - it even
automates key rollovers - its in AUR and github [1]
gene
[1] https://github.com/gene-git/dns_tools
https://aur.archlinux.org/packages/dns_tools
