Cisco Cisco Prime IP Express 8.3 Technical References
key
key - Manage TSIG key objects
Synopsis
key list
key listnames
key listbrief
key <name> show
key <name> create <secret> [<attribute>=<value>...]
key <name> delete
key <name> get <attribute>
key <name> set <attribute>=<value> [<attribute>=<value> ...]
key <name> unset <attribute>
key listnames
key listbrief
key <name> show
key <name> create <secret> [<attribute>=<value>...]
key <name> delete
key <name> get <attribute>
key <name> set <attribute>=<value> [<attribute>=<value> ...]
key <name> unset <attribute>
Description
The key command creates and manages transaction signature (TSIG)
keys for DNS updates, zone transfers, queries, and recursions.
TSIG security, as defined in RFC 2845, enables both DNS and DHCP
servers to authenticate DNS updates. TSIG security uses the
HMAC-MD5 (or keyed MD5) algorithm to generate a signature that
is used to authenticate the requests and responses. The DHCP
server uses TSIG keys to create TSIG resource records while
processing DNS updates.
keys for DNS updates, zone transfers, queries, and recursions.
TSIG security, as defined in RFC 2845, enables both DNS and DHCP
servers to authenticate DNS updates. TSIG security uses the
HMAC-MD5 (or keyed MD5) algorithm to generate a signature that
is used to authenticate the requests and responses. The DHCP
server uses TSIG keys to create TSIG resource records while
processing DNS updates.
To configure TSIG security on a DHCP server, you must first
create a shared key, then enable DNS update for your scopes
by setting the dynamic-dns attribute to update-all). Also,
enable the dynamic-dns-tsig attribute for forward or reverse
zones for the scope or on the server level.
create a shared key, then enable DNS update for your scopes
by setting the dynamic-dns attribute to update-all). Also,
enable the dynamic-dns-tsig attribute for forward or reverse
zones for the scope or on the server level.
Examples
Status
See Also
Attributes
Attributes
(hmac-md5=1) default = hmac-md5
The algorithm that this key is used with. Currently we only
support hmac-md5.
support hmac-md5.
Displays an integer id for the key.
required
A base64 encoded string used for transaction authentication.
(TSIG=1) default = TSIG
The type of security that this key is going to be used for.
Currently we only support TSIG keys.
Currently we only support TSIG keys.
tenant-id