Skip to content

pkcs11-destroy's usage message is misleading

pkcs11-destroy's usage message says "use whatever options you want, if any":

# /root/bind9/bin/pkcs11/pkcs11-destroy -h
Unrecognised option: -h
Usage:
	pkcs11-destroy [-m module] [-s slot] [-i id | -l label] [-p pin] [-w waittime]

But pkcs11-destroy(8) man page says that either -i, or -l needs to be provided:

SYNOPSIS
       pkcs11-destroy [-m module] [-s slot] {-i ID | -l label} [-p PIN] [-w seconds]

DESCRIPTION
       pkcs11-destroy destroys keys stored in a PKCS#11 device, identified by their ID or label.
To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information