man.ddns-confgen.html revision 3e240d6559605696cadf630668683708b18de871
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt - Copyright (C) 2004-2015 Internet Systems Consortium, Inc. ("ISC")
d4ef65050feac78554addf6e16a06c6e2e0bd331Brian Wellington - Copyright (C) 2000-2003 Internet Software Consortium.
c651f15b30f1dae5cc2f00878fb5da5b3a35a468Mark Andrews - Permission to use, copy, modify, and/or distribute this software for any
d4ef65050feac78554addf6e16a06c6e2e0bd331Brian Wellington - purpose with or without fee is hereby granted, provided that the above
ec5347e2c775f027573ce5648b910361aa926c01Automatic Updater - copyright notice and this permission notice appear in all copies.
d4ef65050feac78554addf6e16a06c6e2e0bd331Brian Wellington - THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
d4ef65050feac78554addf6e16a06c6e2e0bd331Brian Wellington - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
dafcb997e390efa4423883dafd100c975c4095d6Mark Andrews - AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
dafcb997e390efa4423883dafd100c975c4095d6Mark Andrews - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
dafcb997e390efa4423883dafd100c975c4095d6Mark Andrews - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
dafcb997e390efa4423883dafd100c975c4095d6Mark Andrews - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
dafcb997e390efa4423883dafd100c975c4095d6Mark Andrews - PERFORMANCE OF THIS SOFTWARE.
dafcb997e390efa4423883dafd100c975c4095d6Mark Andrews<!-- $Id$ -->
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt<meta name="generator" content="DocBook XSL Stylesheets V1.71.1">
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt<link rel="start" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual">
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt<link rel="up" href="Bv9ARM.ch13.html" title="Manual pages">
c40265eba0c99708887d68e67901924065ba2514Brian Wellington<link rel="prev" href="man.rndc-confgen.html" title="rndc-confgen">
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt<link rel="next" href="man.arpaname.html" title="arpaname">
c40265eba0c99708887d68e67901924065ba2514Brian Wellington<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
c40265eba0c99708887d68e67901924065ba2514Brian Wellington<table width="100%" summary="Navigation header">
c40265eba0c99708887d68e67901924065ba2514Brian Wellington<tr><th colspan="3" align="center"><span class="application">ddns-confgen</span></th></tr>
c40265eba0c99708887d68e67901924065ba2514Brian Wellington<a accesskey="p" href="man.rndc-confgen.html">Prev</a>�</td>
c40265eba0c99708887d68e67901924065ba2514Brian Wellington<th width="60%" align="center">Manual pages</th>
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein<td width="20%" align="right">�<a accesskey="n" href="man.arpaname.html">Next</a>
6a6ceba6fe09c81558362f238dd727576af7108dTinderbox User<a name="man.ddns-confgen"></a><div class="titlepage"></div>
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein<p><span class="application">ddns-confgen</span> — ddns key generation tool</p>
f5d30e2864e048a42c4dc1134993ae7efdb5d6c3Mark Andrews<div class="cmdsynopsis"><p><code class="command">tsig-keygen</code> [<code class="option">-a <em class="replaceable"><code>algorithm</code></em></code>] [<code class="option">-h</code>] [<code class="option">-r <em class="replaceable"><code>randomfile</code></em></code>] [name]</p></div>
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein<div class="cmdsynopsis"><p><code class="command">ddns-confgen</code> [<code class="option">-a <em class="replaceable"><code>algorithm</code></em></code>] [<code class="option">-h</code>] [<code class="option">-k <em class="replaceable"><code>keyname</code></em></code>] [<code class="option">-q</code>] [<code class="option">-r <em class="replaceable"><code>randomfile</code></em></code>] [ -s <em class="replaceable"><code>name</code></em> | -z <em class="replaceable"><code>zone</code></em> ]</p></div>
c40265eba0c99708887d68e67901924065ba2514Brian Wellington<a name="id2664616"></a><h2>DESCRIPTION</h2>
c40265eba0c99708887d68e67901924065ba2514Brian Wellington <span><strong class="command">tsig-keygen</strong></span> and <span><strong class="command">ddns-confgen</strong></span>
c40265eba0c99708887d68e67901924065ba2514Brian Wellington are invocation methods for a utility that generates keys for use
c40265eba0c99708887d68e67901924065ba2514Brian Wellington in TSIG signing. The resulting keys can be used, for example,
c40265eba0c99708887d68e67901924065ba2514Brian Wellington to secure dynamic DNS updates to a zone or for the
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt <span><strong class="command">rndc</strong></span> command channel.
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt When run as <span><strong class="command">tsig-keygen</strong></span>, a domain name
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt can be specified on the command line which will be used as
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt the name of the generated key. If no name is specified,
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt the default is <code class="constant">tsig-key</code>.
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt When run as <span><strong class="command">ddns-confgen</strong></span>, the generated
c40265eba0c99708887d68e67901924065ba2514Brian Wellington key is accompanied by configuration text and instructions
c40265eba0c99708887d68e67901924065ba2514Brian Wellington that can be used with <span><strong class="command">nsupdate</strong></span> and
c40265eba0c99708887d68e67901924065ba2514Brian Wellington <span><strong class="command">named</strong></span> when setting up dynamic DNS,
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt including an example <span><strong class="command">update-policy</strong></span>
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt statement. (This usage similar to the
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein <span><strong class="command">rndc-confgen</strong></span> command for setting
85c5ed3577655f4f710f0af5ee93edd71c336055Evan Hunt up command channel security.)
85c5ed3577655f4f710f0af5ee93edd71c336055Evan Hunt Note that <span><strong class="command">named</strong></span> itself can configure a
85c5ed3577655f4f710f0af5ee93edd71c336055Evan Hunt local DDNS key for use with <span><strong class="command">nsupdate -l</strong></span>:
85c5ed3577655f4f710f0af5ee93edd71c336055Evan Hunt it does this when a zone is configured with
85c5ed3577655f4f710f0af5ee93edd71c336055Evan Hunt <span><strong class="command">update-policy local;</strong></span>.
85c5ed3577655f4f710f0af5ee93edd71c336055Evan Hunt <span><strong class="command">ddns-confgen</strong></span> is only needed when a
85c5ed3577655f4f710f0af5ee93edd71c336055Evan Hunt more elaborate configuration is required: for instance,
85c5ed3577655f4f710f0af5ee93edd71c336055Evan Hunt if <span><strong class="command">nsupdate</strong></span> is to be used from a remote
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt<dt><span class="term">-a <em class="replaceable"><code>algorithm</code></em></span></dt>
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt Specifies the algorithm to use for the TSIG key. Available
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt choices are: hmac-md5, hmac-sha1, hmac-sha224, hmac-sha256,
c40265eba0c99708887d68e67901924065ba2514Brian Wellington hmac-sha384 and hmac-sha512. The default is hmac-sha256.
c40265eba0c99708887d68e67901924065ba2514Brian Wellington Options are case-insensitive, and the "hmac-" prefix
c40265eba0c99708887d68e67901924065ba2514Brian Wellington may be omitted.
0f8c9b5eed7e8714ceb7d6d3675555df9c5f6350Mark Andrews Prints a short summary of options and arguments.
0f8c9b5eed7e8714ceb7d6d3675555df9c5f6350Mark Andrews<dt><span class="term">-k <em class="replaceable"><code>keyname</code></em></span></dt>
0f8c9b5eed7e8714ceb7d6d3675555df9c5f6350Mark Andrews Specifies the key name of the DDNS authentication key.
0f8c9b5eed7e8714ceb7d6d3675555df9c5f6350Mark Andrews The default is <code class="constant">ddns-key</code> when neither
c40265eba0c99708887d68e67901924065ba2514Brian Wellington the <code class="option">-s</code> nor <code class="option">-z</code> option is
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein specified; otherwise, the default
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein is <code class="constant">ddns-key</code> as a separate label
3bc4221346e5045c5679dd0d84f4f7d888a9da79Mark Andrews followed by the argument of the option, e.g.,
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein <code class="constant">ddns-key.example.com.</code>
2637d30fbd235fe98145f4312b10cc41a13bf7dcJeremy C. Reed The key name must have the format of a valid domain name,
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein consisting of letters, digits, hyphens and periods.
a26ad011f382d12058478704cb5e90e6f4366d01Andreas Gustafsson (<span><strong class="command">ddns-confgen</strong></span> only.) Quiet mode: Print
a26ad011f382d12058478704cb5e90e6f4366d01Andreas Gustafsson only the key, with no explanatory text or usage examples;
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein This is essentially identical to <span><strong class="command">tsig-keygen</strong></span>.
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein<dt><span class="term">-r <em class="replaceable"><code>randomfile</code></em></span></dt>
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein Specifies a source of random data for generating the
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein authorization. If the operating system does not provide a
a26ad011f382d12058478704cb5e90e6f4366d01Andreas Gustafsson <code class="filename">/dev/random</code> or equivalent device, the
a26ad011f382d12058478704cb5e90e6f4366d01Andreas Gustafsson default source of randomness is keyboard input.
3bc4221346e5045c5679dd0d84f4f7d888a9da79Mark Andrews <code class="filename">randomdev</code> specifies the name of a
3bc4221346e5045c5679dd0d84f4f7d888a9da79Mark Andrews character device or file containing random data to be used
3bc4221346e5045c5679dd0d84f4f7d888a9da79Mark Andrews instead of the default. The special value
3bc4221346e5045c5679dd0d84f4f7d888a9da79Mark Andrews <code class="filename">keyboard</code> indicates that keyboard input
3bc4221346e5045c5679dd0d84f4f7d888a9da79Mark Andrews should be used.
3bc4221346e5045c5679dd0d84f4f7d888a9da79Mark Andrews<dt><span class="term">-s <em class="replaceable"><code>name</code></em></span></dt>
3bc4221346e5045c5679dd0d84f4f7d888a9da79Mark Andrews (<span><strong class="command">ddns-confgen</strong></span> only.)
3bc4221346e5045c5679dd0d84f4f7d888a9da79Mark Andrews Generate configuration example to allow dynamic updates
ff6de396a93b9b73a37173059a595f3d295b57cbMark Andrews of a single hostname. The example <span><strong class="command">named.conf</strong></span>
ff6de396a93b9b73a37173059a595f3d295b57cbMark Andrews text shows how to set an update policy for the specified
ff6de396a93b9b73a37173059a595f3d295b57cbMark Andrews using the "name" nametype. The default key name is
ff6de396a93b9b73a37173059a595f3d295b57cbMark Andrews ddns-key.<em class="replaceable"><code>name</code></em>.
ff6de396a93b9b73a37173059a595f3d295b57cbMark Andrews Note that the "self" nametype cannot be used, since
ff6de396a93b9b73a37173059a595f3d295b57cbMark Andrews the name to be updated may differ from the key name.
ff6de396a93b9b73a37173059a595f3d295b57cbMark Andrews This option cannot be used with the <code class="option">-z</code> option.
ff6de396a93b9b73a37173059a595f3d295b57cbMark Andrews<dt><span class="term">-z <em class="replaceable"><code>zone</code></em></span></dt>
ff6de396a93b9b73a37173059a595f3d295b57cbMark Andrews (<span><strong class="command">ddns-confgen</strong></span> only.)
ff6de396a93b9b73a37173059a595f3d295b57cbMark Andrews Generate configuration example to allow dynamic updates
ff6de396a93b9b73a37173059a595f3d295b57cbMark Andrews of a zone: The example <span><strong class="command">named.conf</strong></span> text
ff6de396a93b9b73a37173059a595f3d295b57cbMark Andrews shows how to set an update policy for the specified
92551304a9abff9284de5b79a48e83d781989339Mark Andrews using the "zonesub" nametype, allowing updates to
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein all subdomain names within that
561a29af8c54a216e7d30b5b4f6e0d21661654ecMark Andrews This option cannot be used with the <code class="option">-s</code> option.
7791dd06ea69d0fb2494788ad4c24d568f40bcdfMark Andrews<p><span class="citerefentry"><span class="refentrytitle">nsupdate</span>(1)</span>,
e9359db5e958bf05f9b9c5fe3c27d533f0f05550Mark Andrews <span class="citerefentry"><span class="refentrytitle">named.conf</span>(5)</span>,
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein <span class="citerefentry"><span class="refentrytitle">named</span>(8)</span>,
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein <em class="citetitle">BIND 9 Administrator Reference Manual</em>.
7791dd06ea69d0fb2494788ad4c24d568f40bcdfMark Andrews<p><span class="corpauthor">Internet Systems Consortium</span>
c40265eba0c99708887d68e67901924065ba2514Brian Wellington<a accesskey="p" href="man.rndc-confgen.html">Prev</a>�</td>
c40265eba0c99708887d68e67901924065ba2514Brian Wellington<td width="20%" align="center"><a accesskey="u" href="Bv9ARM.ch13.html">Up</a></td>
c40265eba0c99708887d68e67901924065ba2514Brian Wellington<td width="40%" align="right">�<a accesskey="n" href="man.arpaname.html">Next</a>
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt<span class="application">rndc-confgen</span>�</td>
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein<td width="20%" align="center"><a accesskey="h" href="Bv9ARM.html">Home</a></td>
268a4475065fe6a8cd7cc707820982cf5e98f430Rob Austein<td width="40%" align="right" valign="top">�<span class="application">arpaname</span>
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt<p style="text-align: center;">BIND 9.11.0pre-alpha</p>