ddns-confgen.html revision d6fa26d0adaec6c910115be34fe7a5a5f402c14f
582f8b9a8d170a80ef67475bddb8ad5cf7cd7cadMark Andrews<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
6a42ab64276ff832a47e009be1208f7c7d4da22dAutomatic Updater - Copyright (C) 2009, 2014-2016 Internet Systems Consortium, Inc. ("ISC")
4a14ce5ba00ab7bc55c99ffdcf59c7a4ab902721Automatic Updater - This Source Code Form is subject to the terms of the Mozilla Public
582f8b9a8d170a80ef67475bddb8ad5cf7cd7cadMark Andrews - License, v. 2.0. If a copy of the MPL was not distributed with this
582f8b9a8d170a80ef67475bddb8ad5cf7cd7cadMark Andrews - file, You can obtain one at http://mozilla.org/MPL/2.0/.
6a42ab64276ff832a47e009be1208f7c7d4da22dAutomatic Updater<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
582f8b9a8d170a80ef67475bddb8ad5cf7cd7cadMark Andrews<meta name="generator" content="DocBook XSL Stylesheets V1.78.1">
582f8b9a8d170a80ef67475bddb8ad5cf7cd7cadMark Andrews<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry">
582f8b9a8d170a80ef67475bddb8ad5cf7cd7cadMark Andrews<a name="man.ddns-confgen"></a><div class="titlepage"></div>
582f8b9a8d170a80ef67475bddb8ad5cf7cd7cadMark Andrews<p><span class="application">ddns-confgen</span> — ddns key generation tool</p>
cd32f419a8a5432fbb139f56ee73cbf68b9350ccTinderbox User<div class="cmdsynopsis"><p><code class="command">tsig-keygen</code> [<code class="option">-a <em class="replaceable"><code>algorithm</code></em></code>] [<code class="option">-h</code>] [<code class="option">-r <em class="replaceable"><code>randomfile</code></em></code>] [name]</p></div>
f9aef05653eeb454c489d5bd2bde6daab774ad4aTinderbox User<div class="cmdsynopsis"><p><code class="command">ddns-confgen</code> [<code class="option">-a <em class="replaceable"><code>algorithm</code></em></code>] [<code class="option">-h</code>] [<code class="option">-k <em class="replaceable"><code>keyname</code></em></code>] [<code class="option">-q</code>] [<code class="option">-r <em class="replaceable"><code>randomfile</code></em></code>] [ -s <em class="replaceable"><code>name</code></em> | -z <em class="replaceable"><code>zone</code></em> ]</p></div>
582f8b9a8d170a80ef67475bddb8ad5cf7cd7cadMark Andrews <span class="command"><strong>tsig-keygen</strong></span> and <span class="command"><strong>ddns-confgen</strong></span>
582f8b9a8d170a80ef67475bddb8ad5cf7cd7cadMark Andrews are invocation methods for a utility that generates keys for use
582f8b9a8d170a80ef67475bddb8ad5cf7cd7cadMark Andrews in TSIG signing. The resulting keys can be used, for example,
582f8b9a8d170a80ef67475bddb8ad5cf7cd7cadMark Andrews to secure dynamic DNS updates to a zone or for the
f9aef05653eeb454c489d5bd2bde6daab774ad4aTinderbox User <span class="command"><strong>rndc</strong></span> command channel.
582f8b9a8d170a80ef67475bddb8ad5cf7cd7cadMark Andrews When run as <span class="command"><strong>tsig-keygen</strong></span>, a domain name
582f8b9a8d170a80ef67475bddb8ad5cf7cd7cadMark Andrews can be specified on the command line which will be used as
582f8b9a8d170a80ef67475bddb8ad5cf7cd7cadMark Andrews the name of the generated key. If no name is specified,
582f8b9a8d170a80ef67475bddb8ad5cf7cd7cadMark Andrews the default is <code class="constant">tsig-key</code>.
582f8b9a8d170a80ef67475bddb8ad5cf7cd7cadMark Andrews When run as <span class="command"><strong>ddns-confgen</strong></span>, the generated
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User key is accompanied by configuration text and instructions
582f8b9a8d170a80ef67475bddb8ad5cf7cd7cadMark Andrews that can be used with <span class="command"><strong>nsupdate</strong></span> and
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User <span class="command"><strong>named</strong></span> when setting up dynamic DNS,
582f8b9a8d170a80ef67475bddb8ad5cf7cd7cadMark Andrews including an example <span class="command"><strong>update-policy</strong></span>
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User statement. (This usage similar to the
582f8b9a8d170a80ef67475bddb8ad5cf7cd7cadMark Andrews <span class="command"><strong>rndc-confgen</strong></span> command for setting
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User up command channel security.)
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User Note that <span class="command"><strong>named</strong></span> itself can configure a
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User local DDNS key for use with <span class="command"><strong>nsupdate -l</strong></span>:
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User it does this when a zone is configured with
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User <span class="command"><strong>update-policy local;</strong></span>.
b27ce68bae92006e2ad7a9b75602c6385e529c3bAutomatic Updater <span class="command"><strong>ddns-confgen</strong></span> is only needed when a
922312472e2e05ebc64993d465999c5351b83036Automatic Updater more elaborate configuration is required: for instance,
582f8b9a8d170a80ef67475bddb8ad5cf7cd7cadMark Andrews if <span class="command"><strong>nsupdate</strong></span> is to be used from a remote
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User<div class="variablelist"><dl class="variablelist">
e62b9c9ce6413fb183c8116381e75dcd07ca5517Tinderbox User<dt><span class="term">-a <em class="replaceable"><code>algorithm</code></em></span></dt>
e62b9c9ce6413fb183c8116381e75dcd07ca5517Tinderbox User Specifies the algorithm to use for the TSIG key. Available
582f8b9a8d170a80ef67475bddb8ad5cf7cd7cadMark Andrews choices are: hmac-md5, hmac-sha1, hmac-sha224, hmac-sha256,
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User hmac-sha384 and hmac-sha512. The default is hmac-sha256.
e62b9c9ce6413fb183c8116381e75dcd07ca5517Tinderbox User Options are case-insensitive, and the "hmac-" prefix
e62b9c9ce6413fb183c8116381e75dcd07ca5517Tinderbox User may be omitted.
e62b9c9ce6413fb183c8116381e75dcd07ca5517Tinderbox User Prints a short summary of options and arguments.
e62b9c9ce6413fb183c8116381e75dcd07ca5517Tinderbox User<dt><span class="term">-k <em class="replaceable"><code>keyname</code></em></span></dt>
481870b95fee976541f4fe455c0ef2dbeab3ec7aTinderbox User Specifies the key name of the DDNS authentication key.
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User The default is <code class="constant">ddns-key</code> when neither
e62b9c9ce6413fb183c8116381e75dcd07ca5517Tinderbox User the <code class="option">-s</code> nor <code class="option">-z</code> option is
481870b95fee976541f4fe455c0ef2dbeab3ec7aTinderbox User specified; otherwise, the default
e62b9c9ce6413fb183c8116381e75dcd07ca5517Tinderbox User is <code class="constant">ddns-key</code> as a separate label
e839bf134fb138920d4833cf05cb8b8906787a8dAutomatic Updater followed by the argument of the option, e.g.,
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User <code class="constant">ddns-key.example.com.</code>
e62b9c9ce6413fb183c8116381e75dcd07ca5517Tinderbox User The key name must have the format of a valid domain name,
e62b9c9ce6413fb183c8116381e75dcd07ca5517Tinderbox User consisting of letters, digits, hyphens and periods.
e62b9c9ce6413fb183c8116381e75dcd07ca5517Tinderbox User (<span class="command"><strong>ddns-confgen</strong></span> only.) Quiet mode: Print
e62b9c9ce6413fb183c8116381e75dcd07ca5517Tinderbox User only the key, with no explanatory text or usage examples;
e62b9c9ce6413fb183c8116381e75dcd07ca5517Tinderbox User This is essentially identical to <span class="command"><strong>tsig-keygen</strong></span>.
795a316ec568b2470aab18b9481443966047652eAutomatic Updater<dt><span class="term">-r <em class="replaceable"><code>randomfile</code></em></span></dt>
e62b9c9ce6413fb183c8116381e75dcd07ca5517Tinderbox User Specifies a source of random data for generating the
e62b9c9ce6413fb183c8116381e75dcd07ca5517Tinderbox User authorization. If the operating system does not provide a
e62b9c9ce6413fb183c8116381e75dcd07ca5517Tinderbox User <code class="filename">/dev/random</code> or equivalent device, the
e62b9c9ce6413fb183c8116381e75dcd07ca5517Tinderbox User default source of randomness is keyboard input.
e62b9c9ce6413fb183c8116381e75dcd07ca5517Tinderbox User <code class="filename">randomdev</code> specifies the name of a
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User character device or file containing random data to be used
e62b9c9ce6413fb183c8116381e75dcd07ca5517Tinderbox User instead of the default. The special value
e62b9c9ce6413fb183c8116381e75dcd07ca5517Tinderbox User <code class="filename">keyboard</code> indicates that keyboard input
e62b9c9ce6413fb183c8116381e75dcd07ca5517Tinderbox User should be used.
e62b9c9ce6413fb183c8116381e75dcd07ca5517Tinderbox User<dt><span class="term">-s <em class="replaceable"><code>name</code></em></span></dt>
e62b9c9ce6413fb183c8116381e75dcd07ca5517Tinderbox User (<span class="command"><strong>ddns-confgen</strong></span> only.)
e62b9c9ce6413fb183c8116381e75dcd07ca5517Tinderbox User Generate configuration example to allow dynamic updates
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User of a single hostname. The example <span class="command"><strong>named.conf</strong></span>
0a7ed88633a680bb881868b75ded4d09a7bbbc50Automatic Updater text shows how to set an update policy for the specified
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User <em class="replaceable"><code>name</code></em>
6478b87fd23bcd3ab74c25b261021fe19a239c4fTinderbox User using the "name" nametype. The default key name is
0a7ed88633a680bb881868b75ded4d09a7bbbc50Automatic Updater ddns-key.<em class="replaceable"><code>name</code></em>.
9d557856c2a19ec95ee73245f60a92f8675cf5baTinderbox User Note that the "self" nametype cannot be used, since
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User the name to be updated may differ from the key name.
ca67ebfe9eef0b8f04179f7e511a19e0337a5422Automatic Updater This option cannot be used with the <code class="option">-z</code> option.
e62b9c9ce6413fb183c8116381e75dcd07ca5517Tinderbox User<dt><span class="term">-z <em class="replaceable"><code>zone</code></em></span></dt>
e62b9c9ce6413fb183c8116381e75dcd07ca5517Tinderbox User (<span class="command"><strong>ddns-confgen</strong></span> only.)
e62b9c9ce6413fb183c8116381e75dcd07ca5517Tinderbox User Generate configuration example to allow dynamic updates
e62b9c9ce6413fb183c8116381e75dcd07ca5517Tinderbox User of a zone: The example <span class="command"><strong>named.conf</strong></span> text
481870b95fee976541f4fe455c0ef2dbeab3ec7aTinderbox User shows how to set an update policy for the specified
e62b9c9ce6413fb183c8116381e75dcd07ca5517Tinderbox User <em class="replaceable"><code>zone</code></em>
582f8b9a8d170a80ef67475bddb8ad5cf7cd7cadMark Andrews using the "zonesub" nametype, allowing updates to
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User all subdomain names within that
e62b9c9ce6413fb183c8116381e75dcd07ca5517Tinderbox User <em class="replaceable"><code>zone</code></em>.
e62b9c9ce6413fb183c8116381e75dcd07ca5517Tinderbox User This option cannot be used with the <code class="option">-s</code> option.
e62b9c9ce6413fb183c8116381e75dcd07ca5517Tinderbox User<p><span class="citerefentry"><span class="refentrytitle">nsupdate</span>(1)</span>,
0a7ed88633a680bb881868b75ded4d09a7bbbc50Automatic Updater <span class="citerefentry"><span class="refentrytitle">named.conf</span>(5)</span>,
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User <span class="citerefentry"><span class="refentrytitle">named</span>(8)</span>,
e62b9c9ce6413fb183c8116381e75dcd07ca5517Tinderbox User <em class="citetitle">BIND 9 Administrator Reference Manual</em>.