bin/confgen/ddns-confgen.html

	ddns-confgen.html revision f5ae3cca1d2832239cc821bdef77e90c1739e66d
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson<!--
8eea877894ea5bcf5cdd9ca124a8601ad421d753Andreas Gustafsson - Copyright (C) 2009, 2014 Internet Systems Consortium, Inc. ("ISC")
8eea877894ea5bcf5cdd9ca124a8601ad421d753Andreas Gustafsson -
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson - Permission to use, copy, modify, and/or distribute this software for any
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson - purpose with or without fee is hereby granted, provided that the above
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson - copyright notice and this permission notice appear in all copies.
8eea877894ea5bcf5cdd9ca124a8601ad421d753Andreas Gustafsson -
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson - THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson - AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson - PERFORMANCE OF THIS SOFTWARE.
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson-->
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson<!-- $Id$ -->
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson<html>
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson<head>
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson<title>ddns-confgen</title>
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson<meta name="generator" content="DocBook XSL Stylesheets V1.71.1">
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson</head>
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en">
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson<a name="man.ddns-confgen"></a><div class="titlepage"></div>
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson<div class="refnamediv">
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson<h2>Name</h2>
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson<p><span class="application">ddns-confgen</span> &#8212; ddns key generation tool</p>
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson</div>
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson<div class="refsynopsisdiv">
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson<h2>Synopsis</h2>
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson<div class="cmdsynopsis"><p><code class="command">tsig-keygen</code>  [<code class="option">-a <em class="replaceable"><code>algorithm</code></em></code>] [<code class="option">-h</code>] [<code class="option">-r <em class="replaceable"><code>randomfile</code></em></code>] [name]</p></div>
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson<div class="cmdsynopsis"><p><code class="command">ddns-confgen</code>  [<code class="option">-a <em class="replaceable"><code>algorithm</code></em></code>] [<code class="option">-h</code>] [<code class="option">-k <em class="replaceable"><code>keyname</code></em></code>] [<code class="option">-q</code>] [<code class="option">-r <em class="replaceable"><code>randomfile</code></em></code>] [ -s <em class="replaceable"><code>name</code></em>  |   -z <em class="replaceable"><code>zone</code></em> ]</p></div>
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson</div>
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson<div class="refsect1" lang="en">
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson<a name="id2543426"></a><h2>DESCRIPTION</h2>
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson<p>
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson      <span><strong class="command">tsig-keygen</strong></span> and <span><strong class="command">ddns-confgen</strong></span>
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson      are invocation methods for a utility that generates keys for use
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson      in TSIG signing.  The resulting keys can be used, for example,
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson      to secure dynamic DNS updates to a zone or for the
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson      <span><strong class="command">rndc</strong></span> command channel.
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson    </p>
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson<p>
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson      When run as <span><strong class="command">tsig-keygen</strong></span>, a domain name
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson      can be specified on the command line which will be used as
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson      the name of the generated key.  If no name is specified,
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson      the default is <code class="constant">tsig-key</code>.
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson    </p>
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson<p>
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson      When run as <span><strong class="command">ddns-confgen</strong></span>, the generated
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson      key is accompanied by configuration text and instructions
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson      that can be used with <span><strong class="command">nsupdate</strong></span> and
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson      <span><strong class="command">named</strong></span> when setting up dynamic DNS,
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson      including an example <span><strong class="command">update-policy</strong></span>
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson      statement.  (This usage similar to the
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson      <span><strong class="command">rndc-confgen</strong></span> command for setting
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson      up command channel security.)
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson    </p>
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson<p>
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson      Note that <span><strong class="command">named</strong></span> itself can configure a
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson      local DDNS key for use with <span><strong class="command">nsupdate -l</strong></span>:
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson      it does this when a zone is configured with
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson      <span><strong class="command">update-policy local;</strong></span>.
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson      <span><strong class="command">ddns-confgen</strong></span> is only needed when a
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson      more elaborate configuration is required: for instance,
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson      if <span><strong class="command">nsupdate</strong></span> is to be used from a remote
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson      system.
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson    </p>
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson</div>
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson<div class="refsect1" lang="en">
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson<a name="id2543499"></a><h2>OPTIONS</h2>
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson<div class="variablelist"><dl>
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson<dt><span class="term">-a <em class="replaceable"><code>algorithm</code></em></span></dt>
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson<dd><p>
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson            Specifies the algorithm to use for the TSIG key.  Available
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson            choices are: hmac-md5, hmac-sha1, hmac-sha224, hmac-sha256,
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson            hmac-sha384 and hmac-sha512.  The default is hmac-sha256.
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson            Options are case-insensitive, and the "hmac-" prefix
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson            may be omitted.
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson      </p></dd>
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson<dt><span class="term">-h</span></dt>
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson<dd><p>
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson        Prints a short summary of options and arguments.
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson      </p></dd>
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson<dt><span class="term">-k <em class="replaceable"><code>keyname</code></em></span></dt>
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson<dd><p>
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson        Specifies the key name of the DDNS authentication key.
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson        The default is <code class="constant">ddns-key</code> when neither
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson        the <code class="option">-s</code> nor <code class="option">-z</code> option is
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson        specified; otherwise, the default
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson        is <code class="constant">ddns-key</code> as a separate label
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson        followed by the argument of the option, e.g.,
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson        <code class="constant">ddns-key.example.com.</code>
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson        The key name must have the format of a valid domain name,
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson        consisting of letters, digits, hyphens and periods.
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson      </p></dd>
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson<dt><span class="term">-q</span></dt>
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson<dd><p>
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson        (<span><strong class="command">ddns-confgen</strong></span> only.) Quiet mode:  Print
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson            only the key, with no explanatory text or usage examples;
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson            This is essentially identical to <span><strong class="command">tsig-keygen</strong></span>.
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson      </p></dd>
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson<dt><span class="term">-r <em class="replaceable"><code>randomfile</code></em></span></dt>
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson<dd><p>
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson            Specifies a source of random data for generating the
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson            authorization.  If the operating system does not provide a
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson            <code class="filename">/dev/random</code> or equivalent device, the
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson            default source of randomness is keyboard input.
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson            <code class="filename">randomdev</code> specifies the name of a
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson            character device or file containing random data to be used
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson            instead of the default.  The special value
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson            <code class="filename">keyboard</code> indicates that keyboard input
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson            should be used.
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson      </p></dd>
8eea877894ea5bcf5cdd9ca124a8601ad421d753Andreas Gustafsson<dt><span class="term">-s <em class="replaceable"><code>name</code></em></span></dt>
8eea877894ea5bcf5cdd9ca124a8601ad421d753Andreas Gustafsson<dd><p>
8eea877894ea5bcf5cdd9ca124a8601ad421d753Andreas Gustafsson            (<span><strong class="command">ddns-confgen</strong></span> only.)
8eea877894ea5bcf5cdd9ca124a8601ad421d753Andreas Gustafsson        Generate configuration example to allow dynamic updates
8eea877894ea5bcf5cdd9ca124a8601ad421d753Andreas Gustafsson            of a single hostname.  The example <span><strong class="command">named.conf</strong></span>
8eea877894ea5bcf5cdd9ca124a8601ad421d753Andreas Gustafsson            text shows how to set an update policy for the specified
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson            <em class="replaceable"><code>name</code></em>
8eea877894ea5bcf5cdd9ca124a8601ad421d753Andreas Gustafsson        using the "name" nametype.  The default key name is
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson        ddns-key.<em class="replaceable"><code>name</code></em>.
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson        Note that the "self" nametype cannot be used, since
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson        the name to be updated may differ from the key name.
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson        This option cannot be used with the <code class="option">-z</code> option.
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson      </p></dd>
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson<dt><span class="term">-z <em class="replaceable"><code>zone</code></em></span></dt>
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson<dd><p>
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson            (<span><strong class="command">ddns-confgen</strong></span> only.)
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson        Generate configuration example to allow dynamic updates
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson            of a zone:  The example <span><strong class="command">named.conf</strong></span> text
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson            shows how to set an update policy for the specified
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson        <em class="replaceable"><code>zone</code></em>
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson        using the "zonesub" nametype, allowing updates to
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson            all subdomain names within that
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson            <em class="replaceable"><code>zone</code></em>.
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson        This option cannot be used with the <code class="option">-s</code> option.
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson      </p></dd>
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson</dl></div>
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson</div>
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson<div class="refsect1" lang="en">
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson<a name="id2543697"></a><h2>SEE ALSO</h2>
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson<p><span class="citerefentry"><span class="refentrytitle">nsupdate</span>(1)</span>,
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson      <span class="citerefentry"><span class="refentrytitle">named.conf</span>(5)</span>,
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson      <span class="citerefentry"><span class="refentrytitle">named</span>(8)</span>,
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson      <em class="citetitle">BIND 9 Administrator Reference Manual</em>.
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson    </p>
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson</div>
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson<div class="refsect1" lang="en">
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson<a name="id2543735"></a><h2>AUTHOR</h2>
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson<p><span class="corpauthor">Internet Systems Consortium</span>
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson    </p>
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson</div>
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson</div></body>
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson</html>
ddccd5811feff696ba460dabfb666ce61040f545Andreas Gustafsson