On 2/3/23 05:03, ogarcia@moire.org wrote:
I don't suppose you have a similar replacement for my other dependency on the bind package, dnssec-signzone?
As a command I personally do not know of any replacement. But if you simply use `dnssec-signzone` to check the DNSSEC status of a domain you can pull online tools like https://dnssec-analyzer.verisignlabs.com/ (not that it is the best, but it is something).
I use dnssec to sign domains and I am using ldns to do the leg work (key creating, zone signing). ldns may have what you want. I even wrote a little python tool to help manage deployment - it even automates key rollovers - its in AUR and github [1] gene [1] https://github.com/gene-git/dns_tools https://aur.archlinux.org/packages/dns_tools