man.ddns-confgen.html revision 2fa992d017c027173a47c834db88bef10df453c0
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster - Copyright (C) 2004-2014 Internet Systems Consortium, Inc. ("ISC")
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster - Copyright (C) 2000-2003 Internet Software Consortium.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster - Permission to use, copy, modify, and/or distribute this software for any
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster - purpose with or without fee is hereby granted, provided that the above
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster - copyright notice and this permission notice appear in all copies.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster - THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster - AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster - PERFORMANCE OF THIS SOFTWARE.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster<!-- $Id$ -->
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster<meta name="generator" content="DocBook XSL Stylesheets V1.71.1">
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster<link rel="start" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual">
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster<link rel="up" href="Bv9ARM.ch10.html" title="Manual pages">
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster<link rel="prev" href="man.rndc-confgen.html" title="rndc-confgen">
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster<link rel="next" href="man.arpaname.html" title="arpaname">
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster<table width="100%" summary="Navigation header">
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster<tr><th colspan="3" align="center"><span class="application">ddns-confgen</span></th></tr>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster<a accesskey="p" href="man.rndc-confgen.html">Prev</a>�</td>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster<th width="60%" align="center">Manual pages</th>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster<td width="20%" align="right">�<a accesskey="n" href="man.arpaname.html">Next</a>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster<a name="man.ddns-confgen"></a><div class="titlepage"></div>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster<p><span class="application">ddns-confgen</span> — ddns key generation tool</p>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster<div class="cmdsynopsis"><p><code class="command">tsig-keygen</code> [<code class="option">-a <em class="replaceable"><code>algorithm</code></em></code>] [<code class="option">-h</code>] [<code class="option">-r <em class="replaceable"><code>randomfile</code></em></code>] [name]</p></div>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster<div class="cmdsynopsis"><p><code class="command">ddns-confgen</code> [<code class="option">-a <em class="replaceable"><code>algorithm</code></em></code>] [<code class="option">-h</code>] [<code class="option">-k <em class="replaceable"><code>keyname</code></em></code>] [<code class="option">-q</code>] [<code class="option">-r <em class="replaceable"><code>randomfile</code></em></code>] [ -s <em class="replaceable"><code>name</code></em> | -z <em class="replaceable"><code>zone</code></em> ]</p></div>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster <span><strong class="command">tsig-keygen</strong></span> and <span><strong class="command">ddns-confgen</strong></span>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster are invocation methods for a utility that generates keys for use
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster in TSIG signing. The resulting keys can be used, for example,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster to secure dynamic DNS updates to a zone or for the
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster <span><strong class="command">rndc</strong></span> command channel.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster When run as <span><strong class="command">tsig-keygen</strong></span>, a domain name
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster can be specified on the command line which will be used as
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster the name of the generated key. If no name is specified,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster the default is <code class="constant">tsig-key</code>.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster When run as <span><strong class="command">ddns-confgen</strong></span>, the generated
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster key is accompanied by configuration text and instructions
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster that can be used with <span><strong class="command">nsupdate</strong></span> and
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster <span><strong class="command">named</strong></span> when setting up dynamic DNS,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster including an example <span><strong class="command">update-policy</strong></span>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster statement. (This usage similar to the
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster <span><strong class="command">rndc-confgen</strong></span> command for setting
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster up command channel security.)
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Note that <span><strong class="command">named</strong></span> itself can configure a
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster local DDNS key for use with <span><strong class="command">nsupdate -l</strong></span>:
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster it does this when a zone is configured with
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster <span><strong class="command">update-policy local;</strong></span>.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster <span><strong class="command">ddns-confgen</strong></span> is only needed when a
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster more elaborate configuration is required: for instance,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster if <span><strong class="command">nsupdate</strong></span> is to be used from a remote
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster<dt><span class="term">-a <em class="replaceable"><code>algorithm</code></em></span></dt>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Specifies the algorithm to use for the TSIG key. Available
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster choices are: hmac-md5, hmac-sha1, hmac-sha224, hmac-sha256,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster hmac-sha384 and hmac-sha512. The default is hmac-sha256.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Options are case-insensitive, and the "hmac-" prefix
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster may be omitted.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Prints a short summary of options and arguments.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster<dt><span class="term">-k <em class="replaceable"><code>keyname</code></em></span></dt>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Specifies the key name of the DDNS authentication key.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster The default is <code class="constant">ddns-key</code> when neither
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster the <code class="option">-s</code> nor <code class="option">-z</code> option is
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster specified; otherwise, the default
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster is <code class="constant">ddns-key</code> as a separate label
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster followed by the argument of the option, e.g.,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster <code class="constant">ddns-key.example.com.</code>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster The key name must have the format of a valid domain name,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster consisting of letters, digits, hyphens and periods.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster (<span><strong class="command">ddns-confgen</strong></span> only.) Quiet mode: Print
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster only the key, with no explanatory text or usage examples;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster This is essentially identical to <span><strong class="command">tsig-keygen</strong></span>.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster<dt><span class="term">-r <em class="replaceable"><code>randomfile</code></em></span></dt>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Specifies a source of random data for generating the
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster authorization. If the operating system does not provide a
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster <code class="filename">/dev/random</code> or equivalent device, the
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster default source of randomness is keyboard input.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster <code class="filename">randomdev</code> specifies the name of a
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster character device or file containing random data to be used
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster instead of the default. The special value
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster <code class="filename">keyboard</code> indicates that keyboard input
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster should be used.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster<dt><span class="term">-s <em class="replaceable"><code>name</code></em></span></dt>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster (<span><strong class="command">ddns-confgen</strong></span> only.)
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Generate configuration example to allow dynamic updates
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster of a single hostname. The example <span><strong class="command">named.conf</strong></span>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster text shows how to set an update policy for the specified
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster using the "name" nametype. The default key name is
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster ddns-key.<em class="replaceable"><code>name</code></em>.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Note that the "self" nametype cannot be used, since
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster the name to be updated may differ from the key name.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster This option cannot be used with the <code class="option">-z</code> option.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster<dt><span class="term">-z <em class="replaceable"><code>zone</code></em></span></dt>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster (<span><strong class="command">ddns-confgen</strong></span> only.)
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster Generate configuration example to allow dynamic updates
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster of a zone: The example <span><strong class="command">named.conf</strong></span> text
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster shows how to set an update policy for the specified
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster using the "zonesub" nametype, allowing updates to
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster all subdomain names within that
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster <em class="replaceable"><code>zone</code></em>.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster This option cannot be used with the <code class="option">-s</code> option.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster<p><span class="citerefentry"><span class="refentrytitle">nsupdate</span>(1)</span>,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster <span class="citerefentry"><span class="refentrytitle">named.conf</span>(5)</span>,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster <span class="citerefentry"><span class="refentrytitle">named</span>(8)</span>,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster <em class="citetitle">BIND 9 Administrator Reference Manual</em>.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster<p><span class="corpauthor">Internet Systems Consortium</span>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster<table width="100%" summary="Navigation footer">
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster<a accesskey="p" href="man.rndc-confgen.html">Prev</a>�</td>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster<td width="20%" align="center"><a accesskey="u" href="Bv9ARM.ch10.html">Up</a></td>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster<td width="40%" align="right">�<a accesskey="n" href="man.arpaname.html">Next</a>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster<span class="application">rndc-confgen</span>�</td>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster<td width="20%" align="center"><a accesskey="h" href="Bv9ARM.html">Home</a></td>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster<td width="40%" align="right" valign="top">�<span class="application">arpaname</span>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster<p style="text-align: center;">BIND Version 9.11</p>