ddns-confgen.html revision 351b62535d4c4f89883bfdba025999dd32490266
7bd455641455950eff7d21be652c8142b134d32fTinderbox User - Copyright (C) 2004, 2005, 2007, 2009 Internet Systems Consortium, Inc. ("ISC")
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews - Copyright (C) 2001, 2003 Internet Software Consortium.
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews - Permission to use, copy, modify, and distribute this software for any
8cbf3b6fc35091abde426930f2eadb8f53476c98Evan Hunt - purpose with or without fee is hereby granted, provided that the above
866d106459313499d0ca7bfccb4b2d23d5e4377cDavid Lawrence - copyright notice and this permission notice appear in all copies.
bff64bf12b58a6f80e740e94f2e42a32df18113aEvan Hunt - THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
866d106459313499d0ca7bfccb4b2d23d5e4377cDavid Lawrence - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
7c74e180c206e6ed99e8beb820da5f399d845c3eDavid Lawrence - AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
92b796c963e7ba0217debfa27a0709f94934f5d5Mark Andrews - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
03e200df5dc283f24a6a349f0b31d3eab26da893Mark Andrews - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
a5d43b72413db3edd6b36a58f9bdf2cf6ff692f2Bob Halley - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
a5d43b72413db3edd6b36a58f9bdf2cf6ff692f2Bob Halley - PERFORMANCE OF THIS SOFTWARE.
a5d43b72413db3edd6b36a58f9bdf2cf6ff692f2Bob Halley<!-- $Id: ddns-confgen.html,v 1.2 2009/06/10 00:27:21 each Exp $ -->
ccdac53c027e8964753b36c4d8c7b0e98af501c2Michael Graff<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
f4ea363e3acc321b24ffe95a64a583e8041d6fd5Mark Andrews<meta name="generator" content="DocBook XSL Stylesheets V1.67.2">
f4ea363e3acc321b24ffe95a64a583e8041d6fd5Mark Andrews<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en">
f4ea363e3acc321b24ffe95a64a583e8041d6fd5Mark Andrews<a name="man.ddns-confgen"></a><div class="titlepage"></div>
f4ea363e3acc321b24ffe95a64a583e8041d6fd5Mark Andrews<p><span class="application">ddns-confgen</span> — ddns key generation tool</p>
f4ea363e3acc321b24ffe95a64a583e8041d6fd5Mark Andrews<div class="cmdsynopsis"><p><code class="command">ddns-confgen</code> [<code class="option">-a <em class="replaceable"><code>algorithm</code></em></code>] [<code class="option">-h</code>] [<code class="option">-k <em class="replaceable"><code>keyname</code></em></code>] [<code class="option">-r <em class="replaceable"><code>randomfile</code></em></code>] [<code class="option">-s</code>] [<code class="option">-q</code>] [name]</p></div>
a903095bf4512dae561c7f6fc7854a51bebf334aMark Andrews<p><span><strong class="command">ddns-confgen</strong></span>
ccdac53c027e8964753b36c4d8c7b0e98af501c2Michael Graff generates a key for use by <span><strong class="command">nsupdate</strong></span>
ccdac53c027e8964753b36c4d8c7b0e98af501c2Michael Graff and <span><strong class="command">named</strong></span>. It simplifies configuration
ccdac53c027e8964753b36c4d8c7b0e98af501c2Michael Graff of dynamic zones by generating a key and providing the
ccdac53c027e8964753b36c4d8c7b0e98af501c2Michael Graff <span><strong class="command">nsupdate</strong></span> and <span><strong class="command">named.conf</strong></span>
3d776d762914d1b675b4fd49728ce353ccf6f77eBrian Wellington syntax that will be needed to use it, including an example
5b7abbef511cea0b568be0bc8d5b3120a0b9034dEvan Hunt <span><strong class="command">update-policy</strong></span> statement.
11dbf2fc38eea8c5d3fe7123718bf197a8bb2e6bMark Andrews If a domain name is specified on the command line, it will
11dbf2fc38eea8c5d3fe7123718bf197a8bb2e6bMark Andrews be used in the name of the generated key and in the sample
11dbf2fc38eea8c5d3fe7123718bf197a8bb2e6bMark Andrews <span><strong class="command">named.conf</strong></span> syntax. For example,
11dbf2fc38eea8c5d3fe7123718bf197a8bb2e6bMark Andrews <span><strong class="command">ddns-confgen example.com</strong></span> would
11dbf2fc38eea8c5d3fe7123718bf197a8bb2e6bMark Andrews generate a key called "ddns-key.example.com", and sample
11dbf2fc38eea8c5d3fe7123718bf197a8bb2e6bMark Andrews <span><strong class="command">named.conf</strong></span> command that could be used
11dbf2fc38eea8c5d3fe7123718bf197a8bb2e6bMark Andrews in the zone definition for "example.com".
11dbf2fc38eea8c5d3fe7123718bf197a8bb2e6bMark Andrews Note that <span><strong class="command">named</strong></span> itself can configure a
11dbf2fc38eea8c5d3fe7123718bf197a8bb2e6bMark Andrews local DDNS key for use with <span><strong class="command">nsupdate -l</strong></span>.
11dbf2fc38eea8c5d3fe7123718bf197a8bb2e6bMark Andrews <span><strong class="command">ddns-confgen</strong></span> is only needed when a
11463c0ac24692e229ec87f307f5e7df3c0a7e10Evan Hunt more elaborate configuration is required: for instance, if
11463c0ac24692e229ec87f307f5e7df3c0a7e10Evan Hunt <span><strong class="command">nsupdate</strong></span> is to be used from a remote system.
32ebb157b1d9409a186c86002827f8a1f4931f5aMark Andrews<dt><span class="term">-a <em class="replaceable"><code>algorithm</code></em></span></dt>
32ebb157b1d9409a186c86002827f8a1f4931f5aMark Andrews Specifies the algorithm to use for the TSIG key. Available
84f95ddb2572641022619950a211aff49e331c98Mukund Sivaraman choices are: hmac-md5, hmac-sha1, hmac-sha224, hmac-sha256,
32ebb157b1d9409a186c86002827f8a1f4931f5aMark Andrews hmac-sha384 and hmac-sha512. The default is hmac-sha256.
1c1290afabb3c8f4dd498170ac9592e5be450161Mark Andrews Prints a short summary of the options and arguments to
11463c0ac24692e229ec87f307f5e7df3c0a7e10Evan Hunt <span><strong class="command">ddns-confgen</strong></span>.
800cfc8a5ce9ffacfc076003b34b5f787f82c701Mark Andrews<dt><span class="term">-k <em class="replaceable"><code>keyname</code></em></span></dt>
32ebb157b1d9409a186c86002827f8a1f4931f5aMark Andrews Specifies the key name of the DDNS authentication key.
800cfc8a5ce9ffacfc076003b34b5f787f82c701Mark Andrews The default is <code class="constant">ddns-key</code>.
6fa84a3e255ef9e6233f0a8d134fc6d273f04599Evan Hunt The key name must have the format of a valid domain name,
19d80ce5844e00a021643759adcbe27c11b485a0Witold Krecicki consisting of letters, digits, hyphens and periods.
19d80ce5844e00a021643759adcbe27c11b485a0Witold Krecicki Quiet mode: Print only the key, with no explanatory text or
19d80ce5844e00a021643759adcbe27c11b485a0Witold Krecicki usage examples.
19d80ce5844e00a021643759adcbe27c11b485a0Witold Krecicki<dt><span class="term">-r <em class="replaceable"><code>randomfile</code></em></span></dt>
8bcd80824c51c802c2927236b012cd526f569b04Mark Andrews Specifies a source of random data for generating the
6fa84a3e255ef9e6233f0a8d134fc6d273f04599Evan Hunt authorization. If the operating system does not provide a
8bcd80824c51c802c2927236b012cd526f569b04Mark Andrews <code class="filename">/dev/random</code> or equivalent device, the
6fa84a3e255ef9e6233f0a8d134fc6d273f04599Evan Hunt default source of randomness is keyboard input.
1831311ac6179951c8fcca75aa29dc2f5c0218b9Francis Dupont <code class="filename">randomdev</code> specifies the name of a
6fa84a3e255ef9e6233f0a8d134fc6d273f04599Evan Hunt character device or file containing random data to be used
206e697f24e47b8868bd68a5b6ef42f5f62e39d5Evan Hunt instead of the default. The special value
6fa84a3e255ef9e6233f0a8d134fc6d273f04599Evan Hunt <code class="filename">keyboard</code> indicates that keyboard input
6fa84a3e255ef9e6233f0a8d134fc6d273f04599Evan Hunt should be used.
6fa84a3e255ef9e6233f0a8d134fc6d273f04599Evan Hunt Self mode: The example <span><strong class="command">named.conf</strong></span> text
6fa84a3e255ef9e6233f0a8d134fc6d273f04599Evan Hunt shows how to set an update policy using the "self" nametype,
6fa84a3e255ef9e6233f0a8d134fc6d273f04599Evan Hunt using a single key per each domain name for updates, instead of
6fa84a3e255ef9e6233f0a8d134fc6d273f04599Evan Hunt the "subdomain" nametype which allows matching on any name
2a80bc01530013293016172b1dcc1d12471ccf33Mark Andrews within a specified domain.
6fa84a3e255ef9e6233f0a8d134fc6d273f04599Evan Hunt<p><span class="citerefentry"><span class="refentrytitle">nsupdate</span>(1)</span>,
6fa84a3e255ef9e6233f0a8d134fc6d273f04599Evan Hunt <span class="citerefentry"><span class="refentrytitle">named.conf</span>(5)</span>,
6fa84a3e255ef9e6233f0a8d134fc6d273f04599Evan Hunt <span class="citerefentry"><span class="refentrytitle">named</span>(8)</span>,
6fa84a3e255ef9e6233f0a8d134fc6d273f04599Evan Hunt <em class="citetitle">BIND 9 Administrator Reference Manual</em>.
6fa84a3e255ef9e6233f0a8d134fc6d273f04599Evan Hunt<p><span class="corpauthor">Internet Systems Consortium</span>