bin/confgen/ddns-confgen.html

	ddns-confgen.html revision 33d0a7767d53cb366039fd0ac4f63cf8a9c351b0
fb18a87f25e7baabdda078d6017a30aced0af55aTim Reddehase<!--
fb18a87f25e7baabdda078d6017a30aced0af55aTim Reddehase - Copyright (C) 2009, 2014-2016 Internet Systems Consortium, Inc. ("ISC")
f198c0ec200763fe1b0db998cd9418f412be8361Tim Reddehase -
fb18a87f25e7baabdda078d6017a30aced0af55aTim Reddehase - Permission to use, copy, modify, and/or distribute this software for any
fb18a87f25e7baabdda078d6017a30aced0af55aTim Reddehase - purpose with or without fee is hereby granted, provided that the above
fb18a87f25e7baabdda078d6017a30aced0af55aTim Reddehase - copyright notice and this permission notice appear in all copies.
fb18a87f25e7baabdda078d6017a30aced0af55aTim Reddehase -
fb18a87f25e7baabdda078d6017a30aced0af55aTim Reddehase - THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
fb18a87f25e7baabdda078d6017a30aced0af55aTim Reddehase - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
fb18a87f25e7baabdda078d6017a30aced0af55aTim Reddehase - AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
fb18a87f25e7baabdda078d6017a30aced0af55aTim Reddehase - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
fb18a87f25e7baabdda078d6017a30aced0af55aTim Reddehase - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
fb18a87f25e7baabdda078d6017a30aced0af55aTim Reddehase - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
fb18a87f25e7baabdda078d6017a30aced0af55aTim Reddehase - PERFORMANCE OF THIS SOFTWARE.
fb18a87f25e7baabdda078d6017a30aced0af55aTim Reddehase-->
fb18a87f25e7baabdda078d6017a30aced0af55aTim Reddehase<html>
fb18a87f25e7baabdda078d6017a30aced0af55aTim Reddehase<head>
fb18a87f25e7baabdda078d6017a30aced0af55aTim Reddehase<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
fb18a87f25e7baabdda078d6017a30aced0af55aTim Reddehase<title>ddns-confgen</title>
fb18a87f25e7baabdda078d6017a30aced0af55aTim Reddehase<meta name="generator" content="DocBook XSL Stylesheets V1.78.1">
fb18a87f25e7baabdda078d6017a30aced0af55aTim Reddehase</head>
fb18a87f25e7baabdda078d6017a30aced0af55aTim Reddehase<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry">
fb18a87f25e7baabdda078d6017a30aced0af55aTim Reddehase<a name="man.ddns-confgen"></a><div class="titlepage"></div>
fb18a87f25e7baabdda078d6017a30aced0af55aTim Reddehase<div class="refnamediv">
fb18a87f25e7baabdda078d6017a30aced0af55aTim Reddehase<h2>Name</h2>
fb18a87f25e7baabdda078d6017a30aced0af55aTim Reddehase<p><span class="application">ddns-confgen</span> &#8212; ddns key generation tool</p>
fb18a87f25e7baabdda078d6017a30aced0af55aTim Reddehase</div>
fb18a87f25e7baabdda078d6017a30aced0af55aTim Reddehase<div class="refsynopsisdiv">
fb18a87f25e7baabdda078d6017a30aced0af55aTim Reddehase<h2>Synopsis</h2>
fb18a87f25e7baabdda078d6017a30aced0af55aTim Reddehase<div class="cmdsynopsis"><p><code class="command">tsig-keygen</code>  [<code class="option">-a <em class="replaceable"><code>algorithm</code></em></code>] [<code class="option">-h</code>] [<code class="option">-r <em class="replaceable"><code>randomfile</code></em></code>] [name]</p></div>
fb18a87f25e7baabdda078d6017a30aced0af55aTim Reddehase<div class="cmdsynopsis"><p><code class="command">ddns-confgen</code>  [<code class="option">-a <em class="replaceable"><code>algorithm</code></em></code>] [<code class="option">-h</code>] [<code class="option">-k <em class="replaceable"><code>keyname</code></em></code>] [<code class="option">-q</code>] [<code class="option">-r <em class="replaceable"><code>randomfile</code></em></code>] [ -s <em class="replaceable"><code>name</code></em>  |   -z <em class="replaceable"><code>zone</code></em> ]</p></div>
fb18a87f25e7baabdda078d6017a30aced0af55aTim Reddehase</div>
fb18a87f25e7baabdda078d6017a30aced0af55aTim Reddehase<div class="refsection">
fb18a87f25e7baabdda078d6017a30aced0af55aTim Reddehase<a name="id-1.7"></a><h2>DESCRIPTION</h2>
fb18a87f25e7baabdda078d6017a30aced0af55aTim Reddehase<p>
fb18a87f25e7baabdda078d6017a30aced0af55aTim Reddehase      <span class="command"><strong>tsig-keygen</strong></span> and <span class="command"><strong>ddns-confgen</strong></span>
fb18a87f25e7baabdda078d6017a30aced0af55aTim Reddehase      are invocation methods for a utility that generates keys for use
fb18a87f25e7baabdda078d6017a30aced0af55aTim Reddehase      in TSIG signing.  The resulting keys can be used, for example,
fb18a87f25e7baabdda078d6017a30aced0af55aTim Reddehase      to secure dynamic DNS updates to a zone or for the
fb18a87f25e7baabdda078d6017a30aced0af55aTim Reddehase      <span class="command"><strong>rndc</strong></span> command channel.
fb18a87f25e7baabdda078d6017a30aced0af55aTim Reddehase    </p>
fb18a87f25e7baabdda078d6017a30aced0af55aTim Reddehase<p>
fb18a87f25e7baabdda078d6017a30aced0af55aTim Reddehase      When run as <span class="command"><strong>tsig-keygen</strong></span>, a domain name
fb18a87f25e7baabdda078d6017a30aced0af55aTim Reddehase      can be specified on the command line which will be used as
fb18a87f25e7baabdda078d6017a30aced0af55aTim Reddehase      the name of the generated key.  If no name is specified,
fb18a87f25e7baabdda078d6017a30aced0af55aTim Reddehase      the default is <code class="constant">tsig-key</code>.
fb18a87f25e7baabdda078d6017a30aced0af55aTim Reddehase    </p>
fb18a87f25e7baabdda078d6017a30aced0af55aTim Reddehase<p>
fb18a87f25e7baabdda078d6017a30aced0af55aTim Reddehase      When run as <span class="command"><strong>ddns-confgen</strong></span>, the generated
fb18a87f25e7baabdda078d6017a30aced0af55aTim Reddehase      key is accompanied by configuration text and instructions
fb18a87f25e7baabdda078d6017a30aced0af55aTim Reddehase      that can be used with <span class="command"><strong>nsupdate</strong></span> and
fb18a87f25e7baabdda078d6017a30aced0af55aTim Reddehase      <span class="command"><strong>named</strong></span> when setting up dynamic DNS,
770b1cbc08153828735085b08c04d3211de54cd9Tim Reddehase      including an example <span class="command"><strong>update-policy</strong></span>
97dfacbded027925c7a164ab8a095e8ec5950a88Eugen Kuksa      statement.  (This usage similar to the
770b1cbc08153828735085b08c04d3211de54cd9Tim Reddehase      <span class="command"><strong>rndc-confgen</strong></span> command for setting
770b1cbc08153828735085b08c04d3211de54cd9Tim Reddehase      up command channel security.)
770b1cbc08153828735085b08c04d3211de54cd9Tim Reddehase    </p>
770b1cbc08153828735085b08c04d3211de54cd9Tim Reddehase<p>
770b1cbc08153828735085b08c04d3211de54cd9Tim Reddehase      Note that <span class="command"><strong>named</strong></span> itself can configure a
770b1cbc08153828735085b08c04d3211de54cd9Tim Reddehase      local DDNS key for use with <span class="command"><strong>nsupdate -l</strong></span>:
770b1cbc08153828735085b08c04d3211de54cd9Tim Reddehase      it does this when a zone is configured with
770b1cbc08153828735085b08c04d3211de54cd9Tim Reddehase      <span class="command"><strong>update-policy local;</strong></span>.
770b1cbc08153828735085b08c04d3211de54cd9Tim Reddehase      <span class="command"><strong>ddns-confgen</strong></span> is only needed when a
770b1cbc08153828735085b08c04d3211de54cd9Tim Reddehase      more elaborate configuration is required: for instance,
770b1cbc08153828735085b08c04d3211de54cd9Tim Reddehase      if <span class="command"><strong>nsupdate</strong></span> is to be used from a remote
770b1cbc08153828735085b08c04d3211de54cd9Tim Reddehase      system.
770b1cbc08153828735085b08c04d3211de54cd9Tim Reddehase    </p>
770b1cbc08153828735085b08c04d3211de54cd9Tim Reddehase</div>
770b1cbc08153828735085b08c04d3211de54cd9Tim Reddehase<div class="refsection">
770b1cbc08153828735085b08c04d3211de54cd9Tim Reddehase<a name="id-1.8"></a><h2>OPTIONS</h2>
fb18a87f25e7baabdda078d6017a30aced0af55aTim Reddehase<div class="variablelist"><dl class="variablelist">
<dt><span class="term">-a <em class="replaceable"><code>algorithm</code></em></span></dt>
<dd><p>
            Specifies the algorithm to use for the TSIG key.  Available
            choices are: hmac-md5, hmac-sha1, hmac-sha224, hmac-sha256,
            hmac-sha384 and hmac-sha512.  The default is hmac-sha256.
            Options are case-insensitive, and the "hmac-" prefix
            may be omitted.
      </p></dd>
<dt><span class="term">-h</span></dt>
<dd><p>
        Prints a short summary of options and arguments.
      </p></dd>
<dt><span class="term">-k <em class="replaceable"><code>keyname</code></em></span></dt>
<dd><p>
        Specifies the key name of the DDNS authentication key.
        The default is <code class="constant">ddns-key</code> when neither
        the <code class="option">-s</code> nor <code class="option">-z</code> option is
        specified; otherwise, the default
        is <code class="constant">ddns-key</code> as a separate label
        followed by the argument of the option, e.g.,
        <code class="constant">ddns-key.example.com.</code>
        The key name must have the format of a valid domain name,
        consisting of letters, digits, hyphens and periods.
      </p></dd>
<dt><span class="term">-q</span></dt>
<dd><p>
        (<span class="command"><strong>ddns-confgen</strong></span> only.) Quiet mode:  Print
            only the key, with no explanatory text or usage examples;
            This is essentially identical to <span class="command"><strong>tsig-keygen</strong></span>.
      </p></dd>
<dt><span class="term">-r <em class="replaceable"><code>randomfile</code></em></span></dt>
<dd><p>
            Specifies a source of random data for generating the
            authorization.  If the operating system does not provide a
            <code class="filename">/dev/random</code> or equivalent device, the
            default source of randomness is keyboard input.
            <code class="filename">randomdev</code> specifies the name of a
            character device or file containing random data to be used
            instead of the default.  The special value
            <code class="filename">keyboard</code> indicates that keyboard input
            should be used.
      </p></dd>
<dt><span class="term">-s <em class="replaceable"><code>name</code></em></span></dt>
<dd><p>
            (<span class="command"><strong>ddns-confgen</strong></span> only.)
        Generate configuration example to allow dynamic updates
            of a single hostname.  The example <span class="command"><strong>named.conf</strong></span>
            text shows how to set an update policy for the specified
            <em class="replaceable"><code>name</code></em>
        using the "name" nametype.  The default key name is
        ddns-key.<em class="replaceable"><code>name</code></em>.
        Note that the "self" nametype cannot be used, since
        the name to be updated may differ from the key name.
        This option cannot be used with the <code class="option">-z</code> option.
      </p></dd>
<dt><span class="term">-z <em class="replaceable"><code>zone</code></em></span></dt>
<dd><p>
            (<span class="command"><strong>ddns-confgen</strong></span> only.)
        Generate configuration example to allow dynamic updates
            of a zone:  The example <span class="command"><strong>named.conf</strong></span> text
            shows how to set an update policy for the specified
        <em class="replaceable"><code>zone</code></em>
        using the "zonesub" nametype, allowing updates to
            all subdomain names within that
            <em class="replaceable"><code>zone</code></em>.
        This option cannot be used with the <code class="option">-s</code> option.
      </p></dd>
</dl></div>
</div>
<div class="refsection">
<a name="id-1.9"></a><h2>SEE ALSO</h2>
<p><span class="citerefentry"><span class="refentrytitle">nsupdate</span>(1)</span>,
      <span class="citerefentry"><span class="refentrytitle">named.conf</span>(5)</span>,
      <span class="citerefentry"><span class="refentrytitle">named</span>(8)</span>,
      <em class="citetitle">BIND 9 Administrator Reference Manual</em>.
    </p>
</div>
</div></body>
</html>