DNSSEC key generator version 1.6.17 (ldns version 1.6.17)

ldns-keygen: invalid option -- '-' ldns-keygen -a <algorithm> [-b bits] [-r /dev/random] [-v] domain generate a new key pair for domain -a <alg> use the specified algorithm (-a list to show a list) -k set the flags to 257; key signing key -b <bits> specify the keylength -r <random> specify a random device (defaults to /dev/random) to seed the random generator with -v show the version and exit The following files will be created: K<name>+<alg>+<id>.key Public key in RR format K<name>+<alg>+<id>.private Private key in key format K<name>+<alg>+<id>.ds DS in RR format (only for DNSSEC keys) The base name (K<name>+<alg>+<id> will be printed to stdout