doc/arm/man.ddns-confgen.html

	man.ddns-confgen.html revision ec899c963c91c16c393e067996400ae244921110
340d89e06e503836de9c124d650845f4889f8c2cLennart Poettering<!--
340d89e06e503836de9c124d650845f4889f8c2cLennart Poettering - Copyright (C) 2004-2014 Internet Systems Consortium, Inc. ("ISC")
340d89e06e503836de9c124d650845f4889f8c2cLennart Poettering - Copyright (C) 2000-2003 Internet Software Consortium.
340d89e06e503836de9c124d650845f4889f8c2cLennart Poettering -
340d89e06e503836de9c124d650845f4889f8c2cLennart Poettering - Permission to use, copy, modify, and/or distribute this software for any
5430f7f2bc7330f3088b894166bf3524a067e3d8Lennart Poettering - purpose with or without fee is hereby granted, provided that the above
5430f7f2bc7330f3088b894166bf3524a067e3d8Lennart Poettering - copyright notice and this permission notice appear in all copies.
340d89e06e503836de9c124d650845f4889f8c2cLennart Poettering -
340d89e06e503836de9c124d650845f4889f8c2cLennart Poettering - THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
340d89e06e503836de9c124d650845f4889f8c2cLennart Poettering - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
340d89e06e503836de9c124d650845f4889f8c2cLennart Poettering - AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
340d89e06e503836de9c124d650845f4889f8c2cLennart Poettering - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
5430f7f2bc7330f3088b894166bf3524a067e3d8Lennart Poettering - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
340d89e06e503836de9c124d650845f4889f8c2cLennart Poettering - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
5430f7f2bc7330f3088b894166bf3524a067e3d8Lennart Poettering - PERFORMANCE OF THIS SOFTWARE.
340d89e06e503836de9c124d650845f4889f8c2cLennart Poettering-->
340d89e06e503836de9c124d650845f4889f8c2cLennart Poettering<!-- $Id$ -->
340d89e06e503836de9c124d650845f4889f8c2cLennart Poettering<html>
340d89e06e503836de9c124d650845f4889f8c2cLennart Poettering<head>
340d89e06e503836de9c124d650845f4889f8c2cLennart Poettering<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
340d89e06e503836de9c124d650845f4889f8c2cLennart Poettering<title>ddns-confgen</title>
340d89e06e503836de9c124d650845f4889f8c2cLennart Poettering<meta name="generator" content="DocBook XSL Stylesheets V1.71.1">
340d89e06e503836de9c124d650845f4889f8c2cLennart Poettering<link rel="start" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual">
340d89e06e503836de9c124d650845f4889f8c2cLennart Poettering<link rel="up" href="Bv9ARM.ch10.html" title="Manual pages">
340d89e06e503836de9c124d650845f4889f8c2cLennart Poettering<link rel="prev" href="man.rndc-confgen.html" title="rndc-confgen">
340d89e06e503836de9c124d650845f4889f8c2cLennart Poettering<link rel="next" href="man.arpaname.html" title="arpaname">
340d89e06e503836de9c124d650845f4889f8c2cLennart Poettering</head>
340d89e06e503836de9c124d650845f4889f8c2cLennart Poettering<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
<div class="navheader">
<table width="100%" summary="Navigation header">
<tr><th colspan="3" align="center"><span class="application">ddns-confgen</span></th></tr>
<tr>
<td width="20%" align="left">
<a accesskey="p" href="man.rndc-confgen.html">Prev</a>�</td>
<th width="60%" align="center">Manual pages</th>
<td width="20%" align="right">�<a accesskey="n" href="man.arpaname.html">Next</a>
</td>
</tr>
</table>
<hr>
</div>
<div class="refentry" lang="en">
<a name="man.ddns-confgen"></a><div class="titlepage"></div>
<div class="refnamediv">
<h2>Name</h2>
<p><span class="application">ddns-confgen</span> &#8212; ddns key generation tool</p>
</div>
<div class="refsynopsisdiv">
<h2>Synopsis</h2>
<div class="cmdsynopsis"><p><code class="command">tsig-keygen</code>  [<code class="option">-a <em class="replaceable"><code>algorithm</code></em></code>] [<code class="option">-h</code>] [<code class="option">-r <em class="replaceable"><code>randomfile</code></em></code>] [name]</p></div>
<div class="cmdsynopsis"><p><code class="command">ddns-confgen</code>  [<code class="option">-a <em class="replaceable"><code>algorithm</code></em></code>] [<code class="option">-h</code>] [<code class="option">-k <em class="replaceable"><code>keyname</code></em></code>] [<code class="option">-q</code>] [<code class="option">-r <em class="replaceable"><code>randomfile</code></em></code>] [ -s <em class="replaceable"><code>name</code></em>  |   -z <em class="replaceable"><code>zone</code></em> ]</p></div>
</div>
<div class="refsect1" lang="en">
<a name="id2663371"></a><h2>DESCRIPTION</h2>
<p>
      <span><strong class="command">tsig-keygen</strong></span> and <span><strong class="command">ddns-confgen</strong></span>
      are invokation methods for a utility that generates keys for use
      in TSIG signing.  The resulting keys can be used, for example,
      to secure dynamic DNS updates to a zone or for the
      <span><strong class="command">rndc</strong></span> command channel.
    </p>
<p>
      When run as <span><strong class="command">tsig-keygen</strong></span>, a domain name
      can be specified on the command line which will be used as
      the name of the generated key.  If no name is specified,
      the default is <code class="constant">tsig-key</code>.
    </p>
<p>
      When run as <span><strong class="command">ddns-confgen</strong></span>, the generated
      key is accompanied by configuration text and instructions
      that can be used with <span><strong class="command">nsupdate</strong></span> and
      <span><strong class="command">named</strong></span> when setting up dynamic DNS,
      including an example <span><strong class="command">update-policy</strong></span>
      statement.  (This usage similar to the
      <span><strong class="command">rndc-confgen</strong></span> command for setting
      up command channel security.)
    </p>
<p>
      Note that <span><strong class="command">named</strong></span> itself can configure a
      local DDNS key for use with <span><strong class="command">nsupdate -l</strong></span>:
      it does this when a zone is configured with
      <span><strong class="command">update-policy local;</strong></span>.
      <span><strong class="command">ddns-confgen</strong></span> is only needed when a
      more elaborate configuration is required: for instance,
      if <span><strong class="command">nsupdate</strong></span> is to be used from a remote
      system.
    </p>
</div>
<div class="refsect1" lang="en">
<a name="id2663475"></a><h2>OPTIONS</h2>
<div class="variablelist"><dl>
<dt><span class="term">-a <em class="replaceable"><code>algorithm</code></em></span></dt>
<dd><p>
            Specifies the algorithm to use for the TSIG key.  Available
            choices are: hmac-md5, hmac-sha1, hmac-sha224, hmac-sha256,
            hmac-sha384 and hmac-sha512.  The default is hmac-sha256.
            Options are case-insensitive, and the "hmac-" prefix
            may be omitted.
      </p></dd>
<dt><span class="term">-h</span></dt>
<dd><p>
        Prints a short summary of options and arguments.
      </p></dd>
<dt><span class="term">-k <em class="replaceable"><code>keyname</code></em></span></dt>
<dd><p>
        Specifies the key name of the DDNS authentication key.
        The default is <code class="constant">ddns-key</code> when neither
        the <code class="option">-s</code> nor <code class="option">-z</code> option is
        specified; otherwise, the default
        is <code class="constant">ddns-key</code> as a separate label
        followed by the argument of the option, e.g.,
        <code class="constant">ddns-key.example.com.</code>
        The key name must have the format of a valid domain name,
        consisting of letters, digits, hyphens and periods.
      </p></dd>
<dt><span class="term">-q</span></dt>
<dd><p>
        (<span><strong class="command">ddns-confgen</strong></span> only.) Quiet mode:  Print
            only the key, with no explanatory text or usage examples;
            This is essentially identical to <span><strong class="command">tsig-keygen</strong></span>.
      </p></dd>
<dt><span class="term">-r <em class="replaceable"><code>randomfile</code></em></span></dt>
<dd><p>
            Specifies a source of random data for generating the
            authorization.  If the operating system does not provide a
            <code class="filename">/dev/random</code> or equivalent device, the
            default source of randomness is keyboard input.
            <code class="filename">randomdev</code> specifies the name of a
            character device or file containing random data to be used
            instead of the default.  The special value
            <code class="filename">keyboard</code> indicates that keyboard input
            should be used.
      </p></dd>
<dt><span class="term">-s <em class="replaceable"><code>name</code></em></span></dt>
<dd><p>
            (<span><strong class="command">ddns-confgen</strong></span> only.)
        Generate configuration example to allow dynamic updates
            of a single hostname.  The example <span><strong class="command">named.conf</strong></span>
            text shows how to set an update policy for the specified
            <em class="replaceable"><code>name</code></em>
        using the "name" nametype.  The default key name is
        ddns-key.<em class="replaceable"><code>name</code></em>.
        Note that the "self" nametype cannot be used, since
        the name to be updated may differ from the key name.
        This option cannot be used with the <code class="option">-z</code> option.
      </p></dd>
<dt><span class="term">-z <em class="replaceable"><code>zone</code></em></span></dt>
<dd><p>
            (<span><strong class="command">ddns-confgen</strong></span> only.)
        Generate configuration example to allow dynamic updates
            of a zone:  The example <span><strong class="command">named.conf</strong></span> text
            shows how to set an update policy for the specified
        <em class="replaceable"><code>zone</code></em>
        using the "zonesub" nametype, allowing updates to
            all subdomain names within that
            <em class="replaceable"><code>zone</code></em>.
        This option cannot be used with the <code class="option">-s</code> option.
      </p></dd>
</dl></div>
</div>
<div class="refsect1" lang="en">
<a name="id2663691"></a><h2>SEE ALSO</h2>
<p><span class="citerefentry"><span class="refentrytitle">nsupdate</span>(1)</span>,
      <span class="citerefentry"><span class="refentrytitle">named.conf</span>(5)</span>,
      <span class="citerefentry"><span class="refentrytitle">named</span>(8)</span>,
      <em class="citetitle">BIND 9 Administrator Reference Manual</em>.
    </p>
</div>
<div class="refsect1" lang="en">
<a name="id2663730"></a><h2>AUTHOR</h2>
<p><span class="corpauthor">Internet Systems Consortium</span>
    </p>
</div>
</div>
<div class="navfooter">
<hr>
<table width="100%" summary="Navigation footer">
<tr>
<td width="40%" align="left">
<a accesskey="p" href="man.rndc-confgen.html">Prev</a>�</td>
<td width="20%" align="center"><a accesskey="u" href="Bv9ARM.ch10.html">Up</a></td>
<td width="40%" align="right">�<a accesskey="n" href="man.arpaname.html">Next</a>
</td>
</tr>
<tr>
<td width="40%" align="left" valign="top">
<span class="application">rndc-confgen</span>�</td>
<td width="20%" align="center"><a accesskey="h" href="Bv9ARM.html">Home</a></td>
<td width="40%" align="right" valign="top">�<span class="application">arpaname</span>
</td>
</tr>
</table>
</div>
</body>
</html>