man.ddns-confgen.html revision d6fa26d0adaec6c910115be34fe7a5a5f402c14f
582f8b9a8d170a80ef67475bddb8ad5cf7cd7cadMark Andrews<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
582f8b9a8d170a80ef67475bddb8ad5cf7cd7cadMark Andrews - Copyright (C) 2000-2015 Internet Systems Consortium, Inc. ("ISC")
99d8f5a70440ee8b63ab1745d713b96dde890546Tinderbox User - This Source Code Form is subject to the terms of the Mozilla Public
582f8b9a8d170a80ef67475bddb8ad5cf7cd7cadMark Andrews - License, v. 2.0. If a copy of the MPL was not distributed with this
582f8b9a8d170a80ef67475bddb8ad5cf7cd7cadMark Andrews - file, You can obtain one at http://mozilla.org/MPL/2.0/.
582f8b9a8d170a80ef67475bddb8ad5cf7cd7cadMark Andrews<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
582f8b9a8d170a80ef67475bddb8ad5cf7cd7cadMark Andrews<meta name="generator" content="DocBook XSL Stylesheets V1.78.1">
582f8b9a8d170a80ef67475bddb8ad5cf7cd7cadMark Andrews<link rel="home" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual">
582f8b9a8d170a80ef67475bddb8ad5cf7cd7cadMark Andrews<link rel="up" href="Bv9ARM.ch13.html" title="Manual pages">
582f8b9a8d170a80ef67475bddb8ad5cf7cd7cadMark Andrews<link rel="prev" href="man.rndc-confgen.html" title="rndc-confgen">
582f8b9a8d170a80ef67475bddb8ad5cf7cd7cadMark Andrews<link rel="next" href="man.arpaname.html" title="arpaname">
582f8b9a8d170a80ef67475bddb8ad5cf7cd7cadMark Andrews<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
582f8b9a8d170a80ef67475bddb8ad5cf7cd7cadMark Andrews<table width="100%" summary="Navigation header">
582f8b9a8d170a80ef67475bddb8ad5cf7cd7cadMark Andrews<tr><th colspan="3" align="center"><span class="application">ddns-confgen</span></th></tr>
582f8b9a8d170a80ef67475bddb8ad5cf7cd7cadMark Andrews<a accesskey="p" href="man.rndc-confgen.html">Prev</a>�</td>
582f8b9a8d170a80ef67475bddb8ad5cf7cd7cadMark Andrews<th width="60%" align="center">Manual pages</th>
582f8b9a8d170a80ef67475bddb8ad5cf7cd7cadMark Andrews<td width="20%" align="right">�<a accesskey="n" href="man.arpaname.html">Next</a>
582f8b9a8d170a80ef67475bddb8ad5cf7cd7cadMark Andrews<a name="man.ddns-confgen"></a><div class="titlepage"></div>
582f8b9a8d170a80ef67475bddb8ad5cf7cd7cadMark Andrews<p><span class="application">ddns-confgen</span> — ddns key generation tool</p>
a094c46640de70bb03a9351211fb17c41b6fbbb5Automatic Updater<div class="cmdsynopsis"><p><code class="command">tsig-keygen</code> [<code class="option">-a <em class="replaceable"><code>algorithm</code></em></code>] [<code class="option">-h</code>] [<code class="option">-r <em class="replaceable"><code>randomfile</code></em></code>] [name]</p></div>
06140f733a711340d20650b9b096efe234d6ebcbAutomatic Updater<div class="cmdsynopsis"><p><code class="command">ddns-confgen</code> [<code class="option">-a <em class="replaceable"><code>algorithm</code></em></code>] [<code class="option">-h</code>] [<code class="option">-k <em class="replaceable"><code>keyname</code></em></code>] [<code class="option">-q</code>] [<code class="option">-r <em class="replaceable"><code>randomfile</code></em></code>] [ -s <em class="replaceable"><code>name</code></em> | -z <em class="replaceable"><code>zone</code></em> ]</p></div>
582f8b9a8d170a80ef67475bddb8ad5cf7cd7cadMark Andrews <span class="command"><strong>tsig-keygen</strong></span> and <span class="command"><strong>ddns-confgen</strong></span>
582f8b9a8d170a80ef67475bddb8ad5cf7cd7cadMark Andrews are invocation methods for a utility that generates keys for use
582f8b9a8d170a80ef67475bddb8ad5cf7cd7cadMark Andrews in TSIG signing. The resulting keys can be used, for example,
582f8b9a8d170a80ef67475bddb8ad5cf7cd7cadMark Andrews to secure dynamic DNS updates to a zone or for the
582f8b9a8d170a80ef67475bddb8ad5cf7cd7cadMark Andrews <span class="command"><strong>rndc</strong></span> command channel.
582f8b9a8d170a80ef67475bddb8ad5cf7cd7cadMark Andrews When run as <span class="command"><strong>tsig-keygen</strong></span>, a domain name
35490da6150316932957908f2f85109ecf9f7c59Jeremy Reed can be specified on the command line which will be used as
b1c6de5456a5287b442de5620282902da39a4968Mark Andrews the name of the generated key. If no name is specified,
582f8b9a8d170a80ef67475bddb8ad5cf7cd7cadMark Andrews the default is <code class="constant">tsig-key</code>.
582f8b9a8d170a80ef67475bddb8ad5cf7cd7cadMark Andrews When run as <span class="command"><strong>ddns-confgen</strong></span>, the generated
582f8b9a8d170a80ef67475bddb8ad5cf7cd7cadMark Andrews key is accompanied by configuration text and instructions
582f8b9a8d170a80ef67475bddb8ad5cf7cd7cadMark Andrews that can be used with <span class="command"><strong>nsupdate</strong></span> and
582f8b9a8d170a80ef67475bddb8ad5cf7cd7cadMark Andrews <span class="command"><strong>named</strong></span> when setting up dynamic DNS,
582f8b9a8d170a80ef67475bddb8ad5cf7cd7cadMark Andrews including an example <span class="command"><strong>update-policy</strong></span>
553ead32ff5b00284e574dcabc39115d4d74ec66Evan Hunt statement. (This usage similar to the
35490da6150316932957908f2f85109ecf9f7c59Jeremy Reed <span class="command"><strong>rndc-confgen</strong></span> command for setting
553ead32ff5b00284e574dcabc39115d4d74ec66Evan Hunt up command channel security.)
553ead32ff5b00284e574dcabc39115d4d74ec66Evan Hunt Note that <span class="command"><strong>named</strong></span> itself can configure a
553ead32ff5b00284e574dcabc39115d4d74ec66Evan Hunt local DDNS key for use with <span class="command"><strong>nsupdate -l</strong></span>:
553ead32ff5b00284e574dcabc39115d4d74ec66Evan Hunt it does this when a zone is configured with
582f8b9a8d170a80ef67475bddb8ad5cf7cd7cadMark Andrews <span class="command"><strong>update-policy local;</strong></span>.
582f8b9a8d170a80ef67475bddb8ad5cf7cd7cadMark Andrews <span class="command"><strong>ddns-confgen</strong></span> is only needed when a
582f8b9a8d170a80ef67475bddb8ad5cf7cd7cadMark Andrews more elaborate configuration is required: for instance,
582f8b9a8d170a80ef67475bddb8ad5cf7cd7cadMark Andrews if <span class="command"><strong>nsupdate</strong></span> is to be used from a remote
582f8b9a8d170a80ef67475bddb8ad5cf7cd7cadMark Andrews<div class="variablelist"><dl class="variablelist">
582f8b9a8d170a80ef67475bddb8ad5cf7cd7cadMark Andrews<dt><span class="term">-a <em class="replaceable"><code>algorithm</code></em></span></dt>
582f8b9a8d170a80ef67475bddb8ad5cf7cd7cadMark Andrews Specifies the algorithm to use for the TSIG key. Available
582f8b9a8d170a80ef67475bddb8ad5cf7cd7cadMark Andrews choices are: hmac-md5, hmac-sha1, hmac-sha224, hmac-sha256,
582f8b9a8d170a80ef67475bddb8ad5cf7cd7cadMark Andrews hmac-sha384 and hmac-sha512. The default is hmac-sha256.
582f8b9a8d170a80ef67475bddb8ad5cf7cd7cadMark Andrews Options are case-insensitive, and the "hmac-" prefix
582f8b9a8d170a80ef67475bddb8ad5cf7cd7cadMark Andrews may be omitted.
582f8b9a8d170a80ef67475bddb8ad5cf7cd7cadMark Andrews Prints a short summary of options and arguments.
582f8b9a8d170a80ef67475bddb8ad5cf7cd7cadMark Andrews<dt><span class="term">-k <em class="replaceable"><code>keyname</code></em></span></dt>
582f8b9a8d170a80ef67475bddb8ad5cf7cd7cadMark Andrews Specifies the key name of the DDNS authentication key.
582f8b9a8d170a80ef67475bddb8ad5cf7cd7cadMark Andrews The default is <code class="constant">ddns-key</code> when neither
582f8b9a8d170a80ef67475bddb8ad5cf7cd7cadMark Andrews the <code class="option">-s</code> nor <code class="option">-z</code> option is
582f8b9a8d170a80ef67475bddb8ad5cf7cd7cadMark Andrews specified; otherwise, the default
582f8b9a8d170a80ef67475bddb8ad5cf7cd7cadMark Andrews is <code class="constant">ddns-key</code> as a separate label
582f8b9a8d170a80ef67475bddb8ad5cf7cd7cadMark Andrews followed by the argument of the option, e.g.,
582f8b9a8d170a80ef67475bddb8ad5cf7cd7cadMark Andrews <code class="constant">ddns-key.example.com.</code>
582f8b9a8d170a80ef67475bddb8ad5cf7cd7cadMark Andrews The key name must have the format of a valid domain name,
582f8b9a8d170a80ef67475bddb8ad5cf7cd7cadMark Andrews consisting of letters, digits, hyphens and periods.
582f8b9a8d170a80ef67475bddb8ad5cf7cd7cadMark Andrews (<span class="command"><strong>ddns-confgen</strong></span> only.) Quiet mode: Print
582f8b9a8d170a80ef67475bddb8ad5cf7cd7cadMark Andrews only the key, with no explanatory text or usage examples;
582f8b9a8d170a80ef67475bddb8ad5cf7cd7cadMark Andrews This is essentially identical to <span class="command"><strong>tsig-keygen</strong></span>.
37dee1ff94960a61243f611c0f87f8c316815c53Mark Andrews<dt><span class="term">-r <em class="replaceable"><code>randomfile</code></em></span></dt>
aaaf8d4f4873d21e55c3ffb4f656203d08339865Mark Andrews Specifies a source of random data for generating the
582f8b9a8d170a80ef67475bddb8ad5cf7cd7cadMark Andrews authorization. If the operating system does not provide a
582f8b9a8d170a80ef67475bddb8ad5cf7cd7cadMark Andrews <code class="filename">/dev/random</code> or equivalent device, the
582f8b9a8d170a80ef67475bddb8ad5cf7cd7cadMark Andrews default source of randomness is keyboard input.
582f8b9a8d170a80ef67475bddb8ad5cf7cd7cadMark Andrews <code class="filename">randomdev</code> specifies the name of a
b1c6de5456a5287b442de5620282902da39a4968Mark Andrews character device or file containing random data to be used
b1c6de5456a5287b442de5620282902da39a4968Mark Andrews instead of the default. The special value
b1c6de5456a5287b442de5620282902da39a4968Mark Andrews <code class="filename">keyboard</code> indicates that keyboard input
b1c6de5456a5287b442de5620282902da39a4968Mark Andrews should be used.
b1c6de5456a5287b442de5620282902da39a4968Mark Andrews<dt><span class="term">-s <em class="replaceable"><code>name</code></em></span></dt>
b1c6de5456a5287b442de5620282902da39a4968Mark Andrews (<span class="command"><strong>ddns-confgen</strong></span> only.)
b1c6de5456a5287b442de5620282902da39a4968Mark Andrews Generate configuration example to allow dynamic updates
582f8b9a8d170a80ef67475bddb8ad5cf7cd7cadMark Andrews of a single hostname. The example <span class="command"><strong>named.conf</strong></span>
553ead32ff5b00284e574dcabc39115d4d74ec66Evan Hunt text shows how to set an update policy for the specified
582f8b9a8d170a80ef67475bddb8ad5cf7cd7cadMark Andrews using the "name" nametype. The default key name is
553ead32ff5b00284e574dcabc39115d4d74ec66Evan Hunt ddns-key.<em class="replaceable"><code>name</code></em>.
553ead32ff5b00284e574dcabc39115d4d74ec66Evan Hunt Note that the "self" nametype cannot be used, since
553ead32ff5b00284e574dcabc39115d4d74ec66Evan Hunt the name to be updated may differ from the key name.
553ead32ff5b00284e574dcabc39115d4d74ec66Evan Hunt This option cannot be used with the <code class="option">-z</code> option.
553ead32ff5b00284e574dcabc39115d4d74ec66Evan Hunt<dt><span class="term">-z <em class="replaceable"><code>zone</code></em></span></dt>
553ead32ff5b00284e574dcabc39115d4d74ec66Evan Hunt (<span class="command"><strong>ddns-confgen</strong></span> only.)
553ead32ff5b00284e574dcabc39115d4d74ec66Evan Hunt Generate configuration example to allow dynamic updates
553ead32ff5b00284e574dcabc39115d4d74ec66Evan Hunt of a zone: The example <span class="command"><strong>named.conf</strong></span> text
553ead32ff5b00284e574dcabc39115d4d74ec66Evan Hunt shows how to set an update policy for the specified
553ead32ff5b00284e574dcabc39115d4d74ec66Evan Hunt using the "zonesub" nametype, allowing updates to
553ead32ff5b00284e574dcabc39115d4d74ec66Evan Hunt all subdomain names within that
553ead32ff5b00284e574dcabc39115d4d74ec66Evan Hunt This option cannot be used with the <code class="option">-s</code> option.
0a82492610e2424bb999946bd6e5a13c83f453b4Mark Andrews<p><span class="citerefentry"><span class="refentrytitle">nsupdate</span>(1)</span>,
2ae23f7fc6f9422a1a4198e82778c92aba4577d3Mark Andrews <span class="citerefentry"><span class="refentrytitle">named.conf</span>(5)</span>,
0a82492610e2424bb999946bd6e5a13c83f453b4Mark Andrews <span class="citerefentry"><span class="refentrytitle">named</span>(8)</span>,
0a82492610e2424bb999946bd6e5a13c83f453b4Mark Andrews <em class="citetitle">BIND 9 Administrator Reference Manual</em>.
553ead32ff5b00284e574dcabc39115d4d74ec66Evan Hunt<a accesskey="p" href="man.rndc-confgen.html">Prev</a>�</td>
553ead32ff5b00284e574dcabc39115d4d74ec66Evan Hunt<td width="20%" align="center"><a accesskey="u" href="Bv9ARM.ch13.html">Up</a></td>
582f8b9a8d170a80ef67475bddb8ad5cf7cd7cadMark Andrews<td width="40%" align="right">�<a accesskey="n" href="man.arpaname.html">Next</a>
b272d38cc5d24f64c0647a9afb340c21c4b9aaf7Evan Hunt<span class="application">rndc-confgen</span>�</td>
b272d38cc5d24f64c0647a9afb340c21c4b9aaf7Evan Hunt<td width="20%" align="center"><a accesskey="h" href="Bv9ARM.html">Home</a></td>
b272d38cc5d24f64c0647a9afb340c21c4b9aaf7Evan Hunt<td width="40%" align="right" valign="top">�<span class="application">arpaname</span>
35490da6150316932957908f2f85109ecf9f7c59Jeremy Reed<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.11.0rc1</p>