ddns-confgen.docbook revision 83a28ca274521e15086fc39febde507bcc4e145e
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll - Copyright (C) 2009, 2014-2016 Internet Systems Consortium, Inc. ("ISC")
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll - This Source Code Form is subject to the terms of the Mozilla Public
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll - License, v. 2.0. If a copy of the MPL was not distributed with this
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll - file, You can obtain one at http://mozilla.org/MPL/2.0/.
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll<!-- Converted by db4-upgrade version 1.0 -->
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll<refentry xmlns:db="http://docbook.org/ns/docbook" version="5.0" xml:id="man.ddns-confgen">
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll <refentryinfo>
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll <corpauthor>Internet Systems Consortium, Inc.</corpauthor>
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll </refentryinfo>
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll <refentrytitle><application>ddns-confgen</application></refentrytitle>
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll <refname><application>ddns-confgen</application></refname>
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll <refpurpose>ddns key generation tool</refpurpose>
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll </refnamediv>
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll <holder>Internet Systems Consortium, Inc. ("ISC")</holder>
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll <refsynopsisdiv>
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll <arg choice="opt" rep="norepeat"><option>-a <replaceable class="parameter">algorithm</replaceable></option></arg>
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll <arg choice="opt" rep="norepeat"><option>-h</option></arg>
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll <arg choice="opt" rep="norepeat"><option>-r <replaceable class="parameter">randomfile</replaceable></option></arg>
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll <arg choice="opt" rep="norepeat">name</arg>
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll </cmdsynopsis>
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll <arg choice="opt" rep="norepeat"><option>-a <replaceable class="parameter">algorithm</replaceable></option></arg>
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll <arg choice="opt" rep="norepeat"><option>-h</option></arg>
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll <arg choice="opt" rep="norepeat"><option>-k <replaceable class="parameter">keyname</replaceable></option></arg>
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll <arg choice="opt" rep="norepeat"><option>-q</option></arg>
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll <arg choice="opt" rep="norepeat"><option>-r <replaceable class="parameter">randomfile</replaceable></option></arg>
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll <arg choice="plain" rep="norepeat">-s <replaceable class="parameter">name</replaceable></arg>
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll <arg choice="plain" rep="norepeat">-z <replaceable class="parameter">zone</replaceable></arg>
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll </cmdsynopsis>
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll </refsynopsisdiv>
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll <refsection><info><title>DESCRIPTION</title></info>
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll <command>tsig-keygen</command> and <command>ddns-confgen</command>
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll are invocation methods for a utility that generates keys for use
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll in TSIG signing. The resulting keys can be used, for example,
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll to secure dynamic DNS updates to a zone or for the
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll When run as <command>tsig-keygen</command>, a domain name
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll can be specified on the command line which will be used as
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll the name of the generated key. If no name is specified,
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll the default is <constant>tsig-key</constant>.
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll When run as <command>ddns-confgen</command>, the generated
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll key is accompanied by configuration text and instructions
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll that can be used with <command>nsupdate</command> and
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll <command>named</command> when setting up dynamic DNS,
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll including an example <command>update-policy</command>
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll statement. (This usage similar to the
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll <command>rndc-confgen</command> command for setting
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll up command channel security.)
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll Note that <command>named</command> itself can configure a
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll local DDNS key for use with <command>nsupdate -l</command>:
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll it does this when a zone is configured with
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll <command>ddns-confgen</command> is only needed when a
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll more elaborate configuration is required: for instance,
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll if <command>nsupdate</command> is to be used from a remote
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll </refsection>
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll <refsection><info><title>OPTIONS</title></info>
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll <variablelist>
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll <varlistentry>
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll <term>-a <replaceable class="parameter">algorithm</replaceable></term>
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll Specifies the algorithm to use for the TSIG key. Available
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll choices are: hmac-md5, hmac-sha1, hmac-sha224, hmac-sha256,
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll hmac-sha384 and hmac-sha512. The default is hmac-sha256.
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll Options are case-insensitive, and the "hmac-" prefix
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll may be omitted.
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll </varlistentry>
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll <varlistentry>
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll Prints a short summary of options and arguments.
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll </varlistentry>
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll <varlistentry>
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll <term>-k <replaceable class="parameter">keyname</replaceable></term>
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll Specifies the key name of the DDNS authentication key.
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll The default is <constant>ddns-key</constant> when neither
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll the <option>-s</option> nor <option>-z</option> option is
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll specified; otherwise, the default
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll is <constant>ddns-key</constant> as a separate label
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll followed by the argument of the option, e.g.,
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll The key name must have the format of a valid domain name,
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll consisting of letters, digits, hyphens and periods.
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll </varlistentry>
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll <varlistentry>
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll (<command>ddns-confgen</command> only.) Quiet mode: Print
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll only the key, with no explanatory text or usage examples;
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll This is essentially identical to <command>tsig-keygen</command>.
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll </varlistentry>
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll <varlistentry>
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll <term>-r <replaceable class="parameter">randomfile</replaceable></term>
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll Specifies a source of random data for generating the
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll authorization. If the operating system does not provide a
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll <filename>/dev/random</filename> or equivalent device, the
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll default source of randomness is keyboard input.
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll <filename>randomdev</filename> specifies the name of a
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll character device or file containing random data to be used
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll instead of the default. The special value
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll <filename>keyboard</filename> indicates that keyboard input
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll should be used.
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll </varlistentry>
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll <varlistentry>
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll <term>-s <replaceable class="parameter">name</replaceable></term>
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll Generate configuration example to allow dynamic updates
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll of a single hostname. The example <command>named.conf</command>
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll text shows how to set an update policy for the specified
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll <replaceable class="parameter">name</replaceable>
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll using the "name" nametype. The default key name is
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll ddns-key.<replaceable class="parameter">name</replaceable>.
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll Note that the "self" nametype cannot be used, since
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll the name to be updated may differ from the key name.
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll This option cannot be used with the <option>-z</option> option.
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll </varlistentry>
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll <varlistentry>
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll <term>-z <replaceable class="parameter">zone</replaceable></term>
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll Generate configuration example to allow dynamic updates
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll of a zone: The example <command>named.conf</command> text
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll shows how to set an update policy for the specified
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll <replaceable class="parameter">zone</replaceable>
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll using the "zonesub" nametype, allowing updates to
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll all subdomain names within that
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll <replaceable class="parameter">zone</replaceable>.
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll This option cannot be used with the <option>-s</option> option.
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll </varlistentry>
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll </variablelist>
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll </refsection>
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll <refsection><info><title>SEE ALSO</title></info>
f717cf302ad33ac8dcb06cab149e63a1f07618c5Wyllys Ingersoll <refentrytitle>nsupdate</refentrytitle><manvolnum>1</manvolnum>