man.ddns-confgen.html revision cd32f419a8a5432fbb139f56ee73cbf68b9350cc
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews - Copyright (C) 2004-2015 Internet Systems Consortium, Inc. ("ISC")
d4ef65050feac78554addf6e16a06c6e2e0bd331Brian Wellington - Copyright (C) 2000-2003 Internet Software Consortium.
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews - Permission to use, copy, modify, and/or distribute this software for any
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews - purpose with or without fee is hereby granted, provided that the above
d4ef65050feac78554addf6e16a06c6e2e0bd331Brian Wellington - copyright notice and this permission notice appear in all copies.
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt - THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt - AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt - PERFORMANCE OF THIS SOFTWARE.
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley<!-- $Id$ -->
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley<meta name="generator" content="DocBook XSL Stylesheets V1.71.1">
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley<link rel="start" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual">
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley<link rel="up" href="Bv9ARM.ch13.html" title="Manual pages">
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley<link rel="prev" href="man.rndc-confgen.html" title="rndc-confgen">
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley<link rel="next" href="man.arpaname.html" title="arpaname">
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein<tr><th colspan="3" align="center"><span class="application">ddns-confgen</span></th></tr>
c1a883f2e04d94e99c433b1f6cfd0c0338f4ed85Mark Andrews<a accesskey="p" href="man.rndc-confgen.html">Prev</a>�</td>
cfa2326b5c96a3a4c720262e077b2baf9fc27970Tinderbox User<th width="60%" align="center">Manual pages</th>
81f58902eb5a1c1ab22742c72bd6cf318acbc06aTinderbox User<td width="20%" align="right">�<a accesskey="n" href="man.arpaname.html">Next</a>
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein<a name="man.ddns-confgen"></a><div class="titlepage"></div>
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein<p><span class="application">ddns-confgen</span> — ddns key generation tool</p>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley<div class="cmdsynopsis"><p><code class="command">tsig-keygen</code> [<code class="option">-a <em class="replaceable"><code>algorithm</code></em></code>] [<code class="option">-h</code>] [<code class="option">-r <em class="replaceable"><code>randomfile</code></em></code>] [name]</p></div>
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt<div class="cmdsynopsis"><p><code class="command">ddns-confgen</code> [<code class="option">-a <em class="replaceable"><code>algorithm</code></em></code>] [<code class="option">-h</code>] [<code class="option">-k <em class="replaceable"><code>keyname</code></em></code>] [<code class="option">-q</code>] [<code class="option">-r <em class="replaceable"><code>randomfile</code></em></code>] [ -s <em class="replaceable"><code>name</code></em> | -z <em class="replaceable"><code>zone</code></em> ]</p></div>
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt <span><strong class="command">tsig-keygen</strong></span> and <span><strong class="command">ddns-confgen</strong></span>
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt are invocation methods for a utility that generates keys for use
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt in TSIG signing. The resulting keys can be used, for example,
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt to secure dynamic DNS updates to a zone or for the
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt <span><strong class="command">rndc</strong></span> command channel.
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley When run as <span><strong class="command">tsig-keygen</strong></span>, a domain name
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt can be specified on the command line which will be used as
30eec077db2bdcb6f2a0dc388a3cdde2ede75ec1Mark Andrews the name of the generated key. If no name is specified,
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein the default is <code class="constant">tsig-key</code>.
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein When run as <span><strong class="command">ddns-confgen</strong></span>, the generated
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein key is accompanied by configuration text and instructions
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein that can be used with <span><strong class="command">nsupdate</strong></span> and
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein <span><strong class="command">named</strong></span> when setting up dynamic DNS,
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein including an example <span><strong class="command">update-policy</strong></span>
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley statement. (This usage similar to the
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein <span><strong class="command">rndc-confgen</strong></span> command for setting
4eb998928b9aef0ceda42d7529980d658138698aEvan Hunt up command channel security.)
122c58bd11790c7576cdb1c6fd8e4439d0d7f7a5Mark Andrews Note that <span><strong class="command">named</strong></span> itself can configure a
4eb998928b9aef0ceda42d7529980d658138698aEvan Hunt local DDNS key for use with <span><strong class="command">nsupdate -l</strong></span>:
4eb998928b9aef0ceda42d7529980d658138698aEvan Hunt it does this when a zone is configured with
4eb998928b9aef0ceda42d7529980d658138698aEvan Hunt <span><strong class="command">update-policy local;</strong></span>.
4eb998928b9aef0ceda42d7529980d658138698aEvan Hunt <span><strong class="command">ddns-confgen</strong></span> is only needed when a
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein more elaborate configuration is required: for instance,
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein if <span><strong class="command">nsupdate</strong></span> is to be used from a remote
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein<dt><span class="term">-a <em class="replaceable"><code>algorithm</code></em></span></dt>
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt Specifies the algorithm to use for the TSIG key. Available
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley choices are: hmac-md5, hmac-sha1, hmac-sha224, hmac-sha256,
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt hmac-sha384 and hmac-sha512. The default is hmac-sha256.
30eec077db2bdcb6f2a0dc388a3cdde2ede75ec1Mark Andrews Options are case-insensitive, and the "hmac-" prefix
4610465ed9408cbe434dbfb8be8ea53f48969c91Bob Halley may be omitted.
591389c7d44e5ca20c357627dd179772cfefaaccEvan Hunt Prints a short summary of options and arguments.
591389c7d44e5ca20c357627dd179772cfefaaccEvan Hunt<dt><span class="term">-k <em class="replaceable"><code>keyname</code></em></span></dt>
591389c7d44e5ca20c357627dd179772cfefaaccEvan Hunt Specifies the key name of the DDNS authentication key.
591389c7d44e5ca20c357627dd179772cfefaaccEvan Hunt The default is <code class="constant">ddns-key</code> when neither
591389c7d44e5ca20c357627dd179772cfefaaccEvan Hunt the <code class="option">-s</code> nor <code class="option">-z</code> option is
591389c7d44e5ca20c357627dd179772cfefaaccEvan Hunt specified; otherwise, the default
591389c7d44e5ca20c357627dd179772cfefaaccEvan Hunt is <code class="constant">ddns-key</code> as a separate label
591389c7d44e5ca20c357627dd179772cfefaaccEvan Hunt followed by the argument of the option, e.g.,
591389c7d44e5ca20c357627dd179772cfefaaccEvan Hunt <code class="constant">ddns-key.example.com.</code>
591389c7d44e5ca20c357627dd179772cfefaaccEvan Hunt The key name must have the format of a valid domain name,
591389c7d44e5ca20c357627dd179772cfefaaccEvan Hunt consisting of letters, digits, hyphens and periods.
591389c7d44e5ca20c357627dd179772cfefaaccEvan Hunt (<span><strong class="command">ddns-confgen</strong></span> only.) Quiet mode: Print
591389c7d44e5ca20c357627dd179772cfefaaccEvan Hunt only the key, with no explanatory text or usage examples;
591389c7d44e5ca20c357627dd179772cfefaaccEvan Hunt This is essentially identical to <span><strong class="command">tsig-keygen</strong></span>.
591389c7d44e5ca20c357627dd179772cfefaaccEvan Hunt<dt><span class="term">-r <em class="replaceable"><code>randomfile</code></em></span></dt>
591389c7d44e5ca20c357627dd179772cfefaaccEvan Hunt Specifies a source of random data for generating the
591389c7d44e5ca20c357627dd179772cfefaaccEvan Hunt authorization. If the operating system does not provide a
591389c7d44e5ca20c357627dd179772cfefaaccEvan Hunt <code class="filename">/dev/random</code> or equivalent device, the
591389c7d44e5ca20c357627dd179772cfefaaccEvan Hunt default source of randomness is keyboard input.
591389c7d44e5ca20c357627dd179772cfefaaccEvan Hunt <code class="filename">randomdev</code> specifies the name of a
591389c7d44e5ca20c357627dd179772cfefaaccEvan Hunt character device or file containing random data to be used
591389c7d44e5ca20c357627dd179772cfefaaccEvan Hunt instead of the default. The special value
591389c7d44e5ca20c357627dd179772cfefaaccEvan Hunt <code class="filename">keyboard</code> indicates that keyboard input
591389c7d44e5ca20c357627dd179772cfefaaccEvan Hunt should be used.
591389c7d44e5ca20c357627dd179772cfefaaccEvan Hunt<dt><span class="term">-s <em class="replaceable"><code>name</code></em></span></dt>
591389c7d44e5ca20c357627dd179772cfefaaccEvan Hunt (<span><strong class="command">ddns-confgen</strong></span> only.)
591389c7d44e5ca20c357627dd179772cfefaaccEvan Hunt Generate configuration example to allow dynamic updates
591389c7d44e5ca20c357627dd179772cfefaaccEvan Hunt of a single hostname. The example <span><strong class="command">named.conf</strong></span>
591389c7d44e5ca20c357627dd179772cfefaaccEvan Hunt text shows how to set an update policy for the specified
591389c7d44e5ca20c357627dd179772cfefaaccEvan Hunt using the "name" nametype. The default key name is
591389c7d44e5ca20c357627dd179772cfefaaccEvan Hunt ddns-key.<em class="replaceable"><code>name</code></em>.
591389c7d44e5ca20c357627dd179772cfefaaccEvan Hunt Note that the "self" nametype cannot be used, since
591389c7d44e5ca20c357627dd179772cfefaaccEvan Hunt the name to be updated may differ from the key name.
591389c7d44e5ca20c357627dd179772cfefaaccEvan Hunt This option cannot be used with the <code class="option">-z</code> option.
591389c7d44e5ca20c357627dd179772cfefaaccEvan Hunt<dt><span class="term">-z <em class="replaceable"><code>zone</code></em></span></dt>
591389c7d44e5ca20c357627dd179772cfefaaccEvan Hunt (<span><strong class="command">ddns-confgen</strong></span> only.)
591389c7d44e5ca20c357627dd179772cfefaaccEvan Hunt Generate configuration example to allow dynamic updates
591389c7d44e5ca20c357627dd179772cfefaaccEvan Hunt of a zone: The example <span><strong class="command">named.conf</strong></span> text
591389c7d44e5ca20c357627dd179772cfefaaccEvan Hunt shows how to set an update policy for the specified
591389c7d44e5ca20c357627dd179772cfefaaccEvan Hunt using the "zonesub" nametype, allowing updates to
591389c7d44e5ca20c357627dd179772cfefaaccEvan Hunt all subdomain names within that
591389c7d44e5ca20c357627dd179772cfefaaccEvan Hunt This option cannot be used with the <code class="option">-s</code> option.
591389c7d44e5ca20c357627dd179772cfefaaccEvan Hunt<p><span class="citerefentry"><span class="refentrytitle">nsupdate</span>(1)</span>,
591389c7d44e5ca20c357627dd179772cfefaaccEvan Hunt <span class="citerefentry"><span class="refentrytitle">named.conf</span>(5)</span>,
591389c7d44e5ca20c357627dd179772cfefaaccEvan Hunt <span class="citerefentry"><span class="refentrytitle">named</span>(8)</span>,
591389c7d44e5ca20c357627dd179772cfefaaccEvan Hunt <em class="citetitle">BIND 9 Administrator Reference Manual</em>.
591389c7d44e5ca20c357627dd179772cfefaaccEvan Hunt<p><span class="corpauthor">Internet Systems Consortium</span>
9e804040a29b9c3066c8471b43835f30707039b7Evan Hunt<a accesskey="p" href="man.rndc-confgen.html">Prev</a>�</td>
9e804040a29b9c3066c8471b43835f30707039b7Evan Hunt<td width="20%" align="center"><a accesskey="u" href="Bv9ARM.ch13.html">Up</a></td>
9e804040a29b9c3066c8471b43835f30707039b7Evan Hunt<td width="40%" align="right">�<a accesskey="n" href="man.arpaname.html">Next</a>
591389c7d44e5ca20c357627dd179772cfefaaccEvan Hunt<span class="application">rndc-confgen</span>�</td>
591389c7d44e5ca20c357627dd179772cfefaaccEvan Hunt<td width="20%" align="center"><a accesskey="h" href="Bv9ARM.html">Home</a></td>
591389c7d44e5ca20c357627dd179772cfefaaccEvan Hunt<td width="40%" align="right" valign="top">�<span class="application">arpaname</span>
591389c7d44e5ca20c357627dd179772cfefaaccEvan Hunt<p style="text-align: center;">BIND 9.11.0pre-alpha</p>