man.ddns-confgen.html revision 11e9368a226272085c337e9e74b79808c16fbdba
0b5de56d26c0148ad33bb3a9201091502f24d910gjelinek - Copyright (C) 2004-2015 Internet Systems Consortium, Inc. ("ISC")
0b5de56d26c0148ad33bb3a9201091502f24d910gjelinek - Copyright (C) 2000-2003 Internet Software Consortium.
0b5de56d26c0148ad33bb3a9201091502f24d910gjelinek - Permission to use, copy, modify, and/or distribute this software for any
0b5de56d26c0148ad33bb3a9201091502f24d910gjelinek - purpose with or without fee is hereby granted, provided that the above
0b5de56d26c0148ad33bb3a9201091502f24d910gjelinek - copyright notice and this permission notice appear in all copies.
0b5de56d26c0148ad33bb3a9201091502f24d910gjelinek - THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
0b5de56d26c0148ad33bb3a9201091502f24d910gjelinek - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
0b5de56d26c0148ad33bb3a9201091502f24d910gjelinek - AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
0b5de56d26c0148ad33bb3a9201091502f24d910gjelinek - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
0b5de56d26c0148ad33bb3a9201091502f24d910gjelinek - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
0b5de56d26c0148ad33bb3a9201091502f24d910gjelinek - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
0b5de56d26c0148ad33bb3a9201091502f24d910gjelinek - PERFORMANCE OF THIS SOFTWARE.
0b5de56d26c0148ad33bb3a9201091502f24d910gjelinek<!-- $Id$ -->
0b5de56d26c0148ad33bb3a9201091502f24d910gjelinek<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
0b5de56d26c0148ad33bb3a9201091502f24d910gjelinek<meta name="generator" content="DocBook XSL Stylesheets V1.71.1">
c75cc341903ca38e644edfae5357a4020418f9be<link rel="start" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual">
0b5de56d26c0148ad33bb3a9201091502f24d910gjelinek<link rel="up" href="Bv9ARM.ch10.html" title="Manual pages">
3c7284bd3243d42a710edac3a15f6019b4c849beAlexander Eremin<link rel="prev" href="man.rndc-confgen.html" title="rndc-confgen">
0b5de56d26c0148ad33bb3a9201091502f24d910gjelinek<link rel="next" href="man.arpaname.html" title="arpaname">
0b5de56d26c0148ad33bb3a9201091502f24d910gjelinek<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
0094b373ead542a342e4250eaf37854ccd3e50c0jv<tr><th colspan="3" align="center"><span class="application">ddns-confgen</span></th></tr>
0b5de56d26c0148ad33bb3a9201091502f24d910gjelinek<a accesskey="p" href="man.rndc-confgen.html">Prev</a>�</td>
0b5de56d26c0148ad33bb3a9201091502f24d910gjelinek<td width="20%" align="right">�<a accesskey="n" href="man.arpaname.html">Next</a>
3c7284bd3243d42a710edac3a15f6019b4c849beAlexander Eremin<a name="man.ddns-confgen"></a><div class="titlepage"></div>
3c7284bd3243d42a710edac3a15f6019b4c849beAlexander Eremin<p><span class="application">ddns-confgen</span> — ddns key generation tool</p>
3c7284bd3243d42a710edac3a15f6019b4c849beAlexander Eremin<div class="cmdsynopsis"><p><code class="command">tsig-keygen</code> [<code class="option">-a <em class="replaceable"><code>algorithm</code></em></code>] [<code class="option">-h</code>] [<code class="option">-r <em class="replaceable"><code>randomfile</code></em></code>] [name]</p></div>
3c7284bd3243d42a710edac3a15f6019b4c849beAlexander Eremin<div class="cmdsynopsis"><p><code class="command">ddns-confgen</code> [<code class="option">-a <em class="replaceable"><code>algorithm</code></em></code>] [<code class="option">-h</code>] [<code class="option">-k <em class="replaceable"><code>keyname</code></em></code>] [<code class="option">-q</code>] [<code class="option">-r <em class="replaceable"><code>randomfile</code></em></code>] [ -s <em class="replaceable"><code>name</code></em> | -z <em class="replaceable"><code>zone</code></em> ]</p></div>
0b5de56d26c0148ad33bb3a9201091502f24d910gjelinek <span><strong class="command">tsig-keygen</strong></span> and <span><strong class="command">ddns-confgen</strong></span>
0b5de56d26c0148ad33bb3a9201091502f24d910gjelinek are invocation methods for a utility that generates keys for use
0b5de56d26c0148ad33bb3a9201091502f24d910gjelinek in TSIG signing. The resulting keys can be used, for example,
0b5de56d26c0148ad33bb3a9201091502f24d910gjelinek to secure dynamic DNS updates to a zone or for the
0b5de56d26c0148ad33bb3a9201091502f24d910gjelinek <span><strong class="command">rndc</strong></span> command channel.
0b5de56d26c0148ad33bb3a9201091502f24d910gjelinek When run as <span><strong class="command">tsig-keygen</strong></span>, a domain name
0b5de56d26c0148ad33bb3a9201091502f24d910gjelinek can be specified on the command line which will be used as
0b5de56d26c0148ad33bb3a9201091502f24d910gjelinek the name of the generated key. If no name is specified,
0b5de56d26c0148ad33bb3a9201091502f24d910gjelinek the default is <code class="constant">tsig-key</code>.
0094b373ead542a342e4250eaf37854ccd3e50c0jv When run as <span><strong class="command">ddns-confgen</strong></span>, the generated
0094b373ead542a342e4250eaf37854ccd3e50c0jv key is accompanied by configuration text and instructions
0094b373ead542a342e4250eaf37854ccd3e50c0jv that can be used with <span><strong class="command">nsupdate</strong></span> and
0094b373ead542a342e4250eaf37854ccd3e50c0jv <span><strong class="command">named</strong></span> when setting up dynamic DNS,
0094b373ead542a342e4250eaf37854ccd3e50c0jv including an example <span><strong class="command">update-policy</strong></span>
0094b373ead542a342e4250eaf37854ccd3e50c0jv statement. (This usage similar to the
0094b373ead542a342e4250eaf37854ccd3e50c0jv <span><strong class="command">rndc-confgen</strong></span> command for setting
0094b373ead542a342e4250eaf37854ccd3e50c0jv up command channel security.)
0094b373ead542a342e4250eaf37854ccd3e50c0jv Note that <span><strong class="command">named</strong></span> itself can configure a
0094b373ead542a342e4250eaf37854ccd3e50c0jv local DDNS key for use with <span><strong class="command">nsupdate -l</strong></span>:
0094b373ead542a342e4250eaf37854ccd3e50c0jv it does this when a zone is configured with
0094b373ead542a342e4250eaf37854ccd3e50c0jv <span><strong class="command">update-policy local;</strong></span>.
0094b373ead542a342e4250eaf37854ccd3e50c0jv <span><strong class="command">ddns-confgen</strong></span> is only needed when a
0094b373ead542a342e4250eaf37854ccd3e50c0jv more elaborate configuration is required: for instance,
0094b373ead542a342e4250eaf37854ccd3e50c0jv if <span><strong class="command">nsupdate</strong></span> is to be used from a remote
0094b373ead542a342e4250eaf37854ccd3e50c0jv<dt><span class="term">-a <em class="replaceable"><code>algorithm</code></em></span></dt>
0094b373ead542a342e4250eaf37854ccd3e50c0jv Specifies the algorithm to use for the TSIG key. Available
0094b373ead542a342e4250eaf37854ccd3e50c0jv choices are: hmac-md5, hmac-sha1, hmac-sha224, hmac-sha256,
0094b373ead542a342e4250eaf37854ccd3e50c0jv hmac-sha384 and hmac-sha512. The default is hmac-sha256.
0094b373ead542a342e4250eaf37854ccd3e50c0jv Options are case-insensitive, and the "hmac-" prefix
0094b373ead542a342e4250eaf37854ccd3e50c0jv may be omitted.
0094b373ead542a342e4250eaf37854ccd3e50c0jv Prints a short summary of options and arguments.
0b5de56d26c0148ad33bb3a9201091502f24d910gjelinek<dt><span class="term">-k <em class="replaceable"><code>keyname</code></em></span></dt>
0b5de56d26c0148ad33bb3a9201091502f24d910gjelinek Specifies the key name of the DDNS authentication key.
0b5de56d26c0148ad33bb3a9201091502f24d910gjelinek The default is <code class="constant">ddns-key</code> when neither
0094b373ead542a342e4250eaf37854ccd3e50c0jv the <code class="option">-s</code> nor <code class="option">-z</code> option is
0b5de56d26c0148ad33bb3a9201091502f24d910gjelinek specified; otherwise, the default
0b5de56d26c0148ad33bb3a9201091502f24d910gjelinek is <code class="constant">ddns-key</code> as a separate label
c75cc341903ca38e644edfae5357a4020418f9be followed by the argument of the option, e.g.,
ff17c8bf86c3e567734be83f90267edee20f580fgjelinek <code class="constant">ddns-key.example.com.</code>
ff17c8bf86c3e567734be83f90267edee20f580fgjelinek The key name must have the format of a valid domain name,
0b5de56d26c0148ad33bb3a9201091502f24d910gjelinek consisting of letters, digits, hyphens and periods.
0b5de56d26c0148ad33bb3a9201091502f24d910gjelinek (<span><strong class="command">ddns-confgen</strong></span> only.) Quiet mode: Print
0b5de56d26c0148ad33bb3a9201091502f24d910gjelinek only the key, with no explanatory text or usage examples;
0b5de56d26c0148ad33bb3a9201091502f24d910gjelinek This is essentially identical to <span><strong class="command">tsig-keygen</strong></span>.
ff17c8bf86c3e567734be83f90267edee20f580fgjelinek<dt><span class="term">-r <em class="replaceable"><code>randomfile</code></em></span></dt>
ff17c8bf86c3e567734be83f90267edee20f580fgjelinek Specifies a source of random data for generating the
0b5de56d26c0148ad33bb3a9201091502f24d910gjelinek authorization. If the operating system does not provide a
0b5de56d26c0148ad33bb3a9201091502f24d910gjelinek <code class="filename">/dev/random</code> or equivalent device, the
0b5de56d26c0148ad33bb3a9201091502f24d910gjelinek default source of randomness is keyboard input.
0b5de56d26c0148ad33bb3a9201091502f24d910gjelinek <code class="filename">randomdev</code> specifies the name of a
0b5de56d26c0148ad33bb3a9201091502f24d910gjelinek character device or file containing random data to be used
0b5de56d26c0148ad33bb3a9201091502f24d910gjelinek instead of the default. The special value
0094b373ead542a342e4250eaf37854ccd3e50c0jv <code class="filename">keyboard</code> indicates that keyboard input
0094b373ead542a342e4250eaf37854ccd3e50c0jv should be used.
0094b373ead542a342e4250eaf37854ccd3e50c0jv<dt><span class="term">-s <em class="replaceable"><code>name</code></em></span></dt>
99653d4ee642c6528e88224f12409a5f23060994eschrock (<span><strong class="command">ddns-confgen</strong></span> only.)
0b5de56d26c0148ad33bb3a9201091502f24d910gjelinek Generate configuration example to allow dynamic updates
0b5de56d26c0148ad33bb3a9201091502f24d910gjelinek of a single hostname. The example <span><strong class="command">named.conf</strong></span>