LEVAI Daniel <[email protected]> writes: > Hi! > > Why can't I generate an RSASHA1 key for a host with this command? > > $ dnssec-keygen -a RSASHA1 -b 1024 -n HOST <host> > dnssec-keygen: invalid DNSKEY nametype HOST > > According to dnssec-keygen(8), the HOST and ENTITY nametypes are valid and > equivalent.
HOST and ENTITY options are only valid if you are generating KEY records (-k). Like: $ dnssec-keygen -a RSASHA1 -b 1024 -k -n HOST somehost Ksomehost.+005+30076 /gabriel
