doc/arm/man.ddns-confgen.html

	man.ddns-confgen.html revision 6bcac4b58d16ee91184a72bd4ff05c41538fd932
486a57e2622e0076c60148ad1634608afdefc9degryzor<!--
486a57e2622e0076c60148ad1634608afdefc9degryzor - Copyright (C) 2004-2014 Internet Systems Consortium, Inc. ("ISC")
fd9abdda70912b99b24e3bf1a38f26fde908a74cnd - Copyright (C) 2000-2003 Internet Software Consortium.
fd9abdda70912b99b24e3bf1a38f26fde908a74cnd -
fd9abdda70912b99b24e3bf1a38f26fde908a74cnd - Permission to use, copy, modify, and/or distribute this software for any
486a57e2622e0076c60148ad1634608afdefc9degryzor - purpose with or without fee is hereby granted, provided that the above
486a57e2622e0076c60148ad1634608afdefc9degryzor - copyright notice and this permission notice appear in all copies.
486a57e2622e0076c60148ad1634608afdefc9degryzor -
486a57e2622e0076c60148ad1634608afdefc9degryzor - THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
96ad5d81ee4a2cc66a4ae19893efc8aa6d06fae7jailletc - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
486a57e2622e0076c60148ad1634608afdefc9degryzor - AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
486a57e2622e0076c60148ad1634608afdefc9degryzor - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
486a57e2622e0076c60148ad1634608afdefc9degryzor - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
2e545ce2450a9953665f701bb05350f0d3f26275nd - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
486a57e2622e0076c60148ad1634608afdefc9degryzor - PERFORMANCE OF THIS SOFTWARE.
486a57e2622e0076c60148ad1634608afdefc9degryzor-->
486a57e2622e0076c60148ad1634608afdefc9degryzor<!-- $Id$ -->
486a57e2622e0076c60148ad1634608afdefc9degryzor<html>
486a57e2622e0076c60148ad1634608afdefc9degryzor<head>
486a57e2622e0076c60148ad1634608afdefc9degryzor<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
486a57e2622e0076c60148ad1634608afdefc9degryzor<title>ddns-confgen</title>
486a57e2622e0076c60148ad1634608afdefc9degryzor<meta name="generator" content="DocBook XSL Stylesheets V1.71.1">
486a57e2622e0076c60148ad1634608afdefc9degryzor<link rel="start" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual">
486a57e2622e0076c60148ad1634608afdefc9degryzor<link rel="up" href="Bv9ARM.ch10.html" title="Manual pages">
486a57e2622e0076c60148ad1634608afdefc9degryzor<link rel="prev" href="man.rndc-confgen.html" title="rndc-confgen">
486a57e2622e0076c60148ad1634608afdefc9degryzor<link rel="next" href="man.arpaname.html" title="arpaname">
486a57e2622e0076c60148ad1634608afdefc9degryzor</head>
486a57e2622e0076c60148ad1634608afdefc9degryzor<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
486a57e2622e0076c60148ad1634608afdefc9degryzor<div class="navheader">
486a57e2622e0076c60148ad1634608afdefc9degryzor<table width="100%" summary="Navigation header">
486a57e2622e0076c60148ad1634608afdefc9degryzor<tr><th colspan="3" align="center"><span class="application">ddns-confgen</span></th></tr>
486a57e2622e0076c60148ad1634608afdefc9degryzor<tr>
4a56677aad9b66a36f3dc9fddbca8dc1230ad471rbowen<td width="20%" align="left">
4a56677aad9b66a36f3dc9fddbca8dc1230ad471rbowen<a accesskey="p" href="man.rndc-confgen.html">Prev</a>�</td>
486a57e2622e0076c60148ad1634608afdefc9degryzor<th width="60%" align="center">Manual pages</th>
486a57e2622e0076c60148ad1634608afdefc9degryzor<td width="20%" align="right">�<a accesskey="n" href="man.arpaname.html">Next</a>
486a57e2622e0076c60148ad1634608afdefc9degryzor</td>
486a57e2622e0076c60148ad1634608afdefc9degryzor</tr>
486a57e2622e0076c60148ad1634608afdefc9degryzor</table>
486a57e2622e0076c60148ad1634608afdefc9degryzor<hr>
486a57e2622e0076c60148ad1634608afdefc9degryzor</div>
486a57e2622e0076c60148ad1634608afdefc9degryzor<div class="refentry" lang="en">
486a57e2622e0076c60148ad1634608afdefc9degryzor<a name="man.ddns-confgen"></a><div class="titlepage"></div>
486a57e2622e0076c60148ad1634608afdefc9degryzor<div class="refnamediv">
486a57e2622e0076c60148ad1634608afdefc9degryzor<h2>Name</h2>
486a57e2622e0076c60148ad1634608afdefc9degryzor<p><span class="application">ddns-confgen</span> &#8212; ddns key generation tool</p>
1f1b6bf13313fdd14a45e52e553d3ff28689b717coar</div>
1f1b6bf13313fdd14a45e52e553d3ff28689b717coar<div class="refsynopsisdiv">
1f1b6bf13313fdd14a45e52e553d3ff28689b717coar<h2>Synopsis</h2>
1f1b6bf13313fdd14a45e52e553d3ff28689b717coar<div class="cmdsynopsis"><p><code class="command">tsig-keygen</code>  [<code class="option">-a <em class="replaceable"><code>algorithm</code></em></code>] [<code class="option">-h</code>] [<code class="option">-r <em class="replaceable"><code>randomfile</code></em></code>] [name]</p></div>
1f1b6bf13313fdd14a45e52e553d3ff28689b717coar<div class="cmdsynopsis"><p><code class="command">ddns-confgen</code>  [<code class="option">-a <em class="replaceable"><code>algorithm</code></em></code>] [<code class="option">-h</code>] [<code class="option">-k <em class="replaceable"><code>keyname</code></em></code>] [<code class="option">-q</code>] [<code class="option">-r <em class="replaceable"><code>randomfile</code></em></code>] [ -s <em class="replaceable"><code>name</code></em>  |   -z <em class="replaceable"><code>zone</code></em> ]</p></div>
486a57e2622e0076c60148ad1634608afdefc9degryzor</div>
486a57e2622e0076c60148ad1634608afdefc9degryzor<div class="refsect1" lang="en">
486a57e2622e0076c60148ad1634608afdefc9degryzor<a name="id2662622"></a><h2>DESCRIPTION</h2>
486a57e2622e0076c60148ad1634608afdefc9degryzor<p>
1f1b6bf13313fdd14a45e52e553d3ff28689b717coar      <span><strong class="command">tsig-keygen</strong></span> and <span><strong class="command">ddns-confgen</strong></span>
486a57e2622e0076c60148ad1634608afdefc9degryzor      are invokation methods for a utility that generates keys for use
486a57e2622e0076c60148ad1634608afdefc9degryzor      in TSIG signing.  The resulting keys can be used, for example,
486a57e2622e0076c60148ad1634608afdefc9degryzor      to secure dynamic DNS updates to a zone or for the
486a57e2622e0076c60148ad1634608afdefc9degryzor      <span><strong class="command">rndc</strong></span> command channel.
1f1b6bf13313fdd14a45e52e553d3ff28689b717coar    </p>
1f1b6bf13313fdd14a45e52e553d3ff28689b717coar<p>
1f1b6bf13313fdd14a45e52e553d3ff28689b717coar      When run as <span><strong class="command">tsig-keygen</strong></span>, a domain name
1f1b6bf13313fdd14a45e52e553d3ff28689b717coar      can be specified on the command line which will be used as
1f1b6bf13313fdd14a45e52e553d3ff28689b717coar      the name of the generated key.  If no name is specified,
1f1b6bf13313fdd14a45e52e553d3ff28689b717coar      the default is <code class="constant">tsig-key</code>.
1f1b6bf13313fdd14a45e52e553d3ff28689b717coar    </p>
1f1b6bf13313fdd14a45e52e553d3ff28689b717coar<p>
1f1b6bf13313fdd14a45e52e553d3ff28689b717coar      When run as <span><strong class="command">ddns-confgen</strong></span>, the generated
1f1b6bf13313fdd14a45e52e553d3ff28689b717coar      key is accompanied by configuration text and instructions
1f1b6bf13313fdd14a45e52e553d3ff28689b717coar      that can be used with <span><strong class="command">nsupdate</strong></span> and
1f1b6bf13313fdd14a45e52e553d3ff28689b717coar      <span><strong class="command">named</strong></span> when setting up dynamic DNS,
1f1b6bf13313fdd14a45e52e553d3ff28689b717coar      including an example <span><strong class="command">update-policy</strong></span>
1f1b6bf13313fdd14a45e52e553d3ff28689b717coar      statement.  (This usage similar to the
1f1b6bf13313fdd14a45e52e553d3ff28689b717coar      <span><strong class="command">rndc-confgen</strong></span> command for setting
1f1b6bf13313fdd14a45e52e553d3ff28689b717coar      up command channel security.)
1f1b6bf13313fdd14a45e52e553d3ff28689b717coar    </p>
1f1b6bf13313fdd14a45e52e553d3ff28689b717coar<p>
1f1b6bf13313fdd14a45e52e553d3ff28689b717coar      Note that <span><strong class="command">named</strong></span> itself can configure a
1f1b6bf13313fdd14a45e52e553d3ff28689b717coar      local DDNS key for use with <span><strong class="command">nsupdate -l</strong></span>:
1f1b6bf13313fdd14a45e52e553d3ff28689b717coar      it does this when a zone is configured with
1f1b6bf13313fdd14a45e52e553d3ff28689b717coar      <span><strong class="command">update-policy local;</strong></span>.
1f1b6bf13313fdd14a45e52e553d3ff28689b717coar      <span><strong class="command">ddns-confgen</strong></span> is only needed when a
1f1b6bf13313fdd14a45e52e553d3ff28689b717coar      more elaborate configuration is required: for instance,
1f1b6bf13313fdd14a45e52e553d3ff28689b717coar      if <span><strong class="command">nsupdate</strong></span> is to be used from a remote
1f1b6bf13313fdd14a45e52e553d3ff28689b717coar      system.
1f1b6bf13313fdd14a45e52e553d3ff28689b717coar    </p>
1f1b6bf13313fdd14a45e52e553d3ff28689b717coar</div>
1f1b6bf13313fdd14a45e52e553d3ff28689b717coar<div class="refsect1" lang="en">
1f1b6bf13313fdd14a45e52e553d3ff28689b717coar<a name="id2662726"></a><h2>OPTIONS</h2>
1f1b6bf13313fdd14a45e52e553d3ff28689b717coar<div class="variablelist"><dl>
1f1b6bf13313fdd14a45e52e553d3ff28689b717coar<dt><span class="term">-a <em class="replaceable"><code>algorithm</code></em></span></dt>
1f1b6bf13313fdd14a45e52e553d3ff28689b717coar<dd><p>
1f1b6bf13313fdd14a45e52e553d3ff28689b717coar            Specifies the algorithm to use for the TSIG key.  Available
1f1b6bf13313fdd14a45e52e553d3ff28689b717coar            choices are: hmac-md5, hmac-sha1, hmac-sha224, hmac-sha256,
1f1b6bf13313fdd14a45e52e553d3ff28689b717coar            hmac-sha384 and hmac-sha512.  The default is hmac-sha256.
1f1b6bf13313fdd14a45e52e553d3ff28689b717coar            Options are case-insensitive, and the "hmac-" prefix
1f1b6bf13313fdd14a45e52e553d3ff28689b717coar            may be omitted.
1f1b6bf13313fdd14a45e52e553d3ff28689b717coar      </p></dd>
1f1b6bf13313fdd14a45e52e553d3ff28689b717coar<dt><span class="term">-h</span></dt>
1f1b6bf13313fdd14a45e52e553d3ff28689b717coar<dd><p>
1f1b6bf13313fdd14a45e52e553d3ff28689b717coar        Prints a short summary of options and arguments.
1f1b6bf13313fdd14a45e52e553d3ff28689b717coar      </p></dd>
1f1b6bf13313fdd14a45e52e553d3ff28689b717coar<dt><span class="term">-k <em class="replaceable"><code>keyname</code></em></span></dt>
1f1b6bf13313fdd14a45e52e553d3ff28689b717coar<dd><p>
1f1b6bf13313fdd14a45e52e553d3ff28689b717coar        Specifies the key name of the DDNS authentication key.
1f1b6bf13313fdd14a45e52e553d3ff28689b717coar        The default is <code class="constant">ddns-key</code> when neither
1f1b6bf13313fdd14a45e52e553d3ff28689b717coar        the <code class="option">-s</code> nor <code class="option">-z</code> option is
1f1b6bf13313fdd14a45e52e553d3ff28689b717coar        specified; otherwise, the default
1f1b6bf13313fdd14a45e52e553d3ff28689b717coar        is <code class="constant">ddns-key</code> as a separate label
e3e52ec6993de04bb0100e098ce0a569c7001382lgentis        followed by the argument of the option, e.g.,
486a57e2622e0076c60148ad1634608afdefc9degryzor        <code class="constant">ddns-key.example.com.</code>
486a57e2622e0076c60148ad1634608afdefc9degryzor        The key name must have the format of a valid domain name,
486a57e2622e0076c60148ad1634608afdefc9degryzor        consisting of letters, digits, hyphens and periods.
486a57e2622e0076c60148ad1634608afdefc9degryzor      </p></dd>
486a57e2622e0076c60148ad1634608afdefc9degryzor<dt><span class="term">-q</span></dt>
486a57e2622e0076c60148ad1634608afdefc9degryzor<dd><p>
486a57e2622e0076c60148ad1634608afdefc9degryzor        (<span><strong class="command">ddns-confgen</strong></span> only.) Quiet mode:  Print
486a57e2622e0076c60148ad1634608afdefc9degryzor            only the key, with no explanatory text or usage examples;
486a57e2622e0076c60148ad1634608afdefc9degryzor            This is essentially identical to <span><strong class="command">tsig-keygen</strong></span>.
486a57e2622e0076c60148ad1634608afdefc9degryzor      </p></dd>
486a57e2622e0076c60148ad1634608afdefc9degryzor<dt><span class="term">-r <em class="replaceable"><code>randomfile</code></em></span></dt>
486a57e2622e0076c60148ad1634608afdefc9degryzor<dd><p>
486a57e2622e0076c60148ad1634608afdefc9degryzor            Specifies a source of random data for generating the
486a57e2622e0076c60148ad1634608afdefc9degryzor            authorization.  If the operating system does not provide a
486a57e2622e0076c60148ad1634608afdefc9degryzor            <code class="filename">/dev/random</code> or equivalent device, the
486a57e2622e0076c60148ad1634608afdefc9degryzor            default source of randomness is keyboard input.
486a57e2622e0076c60148ad1634608afdefc9degryzor            <code class="filename">randomdev</code> specifies the name of a
486a57e2622e0076c60148ad1634608afdefc9degryzor            character device or file containing random data to be used
486a57e2622e0076c60148ad1634608afdefc9degryzor            instead of the default.  The special value
486a57e2622e0076c60148ad1634608afdefc9degryzor            <code class="filename">keyboard</code> indicates that keyboard input
486a57e2622e0076c60148ad1634608afdefc9degryzor            should be used.
486a57e2622e0076c60148ad1634608afdefc9degryzor      </p></dd>
486a57e2622e0076c60148ad1634608afdefc9degryzor<dt><span class="term">-s <em class="replaceable"><code>name</code></em></span></dt>
486a57e2622e0076c60148ad1634608afdefc9degryzor<dd><p>
486a57e2622e0076c60148ad1634608afdefc9degryzor            (<span><strong class="command">ddns-confgen</strong></span> only.)
486a57e2622e0076c60148ad1634608afdefc9degryzor        Generate configuration example to allow dynamic updates
486a57e2622e0076c60148ad1634608afdefc9degryzor            of a single hostname.  The example <span><strong class="command">named.conf</strong></span>
486a57e2622e0076c60148ad1634608afdefc9degryzor            text shows how to set an update policy for the specified
486a57e2622e0076c60148ad1634608afdefc9degryzor            <em class="replaceable"><code>name</code></em>
486a57e2622e0076c60148ad1634608afdefc9degryzor        using the "name" nametype.  The default key name is
486a57e2622e0076c60148ad1634608afdefc9degryzor        ddns-key.<em class="replaceable"><code>name</code></em>.
486a57e2622e0076c60148ad1634608afdefc9degryzor        Note that the "self" nametype cannot be used, since
486a57e2622e0076c60148ad1634608afdefc9degryzor        the name to be updated may differ from the key name.
486a57e2622e0076c60148ad1634608afdefc9degryzor        This option cannot be used with the <code class="option">-z</code> option.
486a57e2622e0076c60148ad1634608afdefc9degryzor      </p></dd>
486a57e2622e0076c60148ad1634608afdefc9degryzor<dt><span class="term">-z <em class="replaceable"><code>zone</code></em></span></dt>
486a57e2622e0076c60148ad1634608afdefc9degryzor<dd><p>
4aa603e6448b99f9371397d439795c91a93637eand            (<span><strong class="command">ddns-confgen</strong></span> only.)
4aa603e6448b99f9371397d439795c91a93637eand        Generate configuration example to allow dynamic updates
486a57e2622e0076c60148ad1634608afdefc9degryzor            of a zone:  The example <span><strong class="command">named.conf</strong></span> text
486a57e2622e0076c60148ad1634608afdefc9degryzor            shows how to set an update policy for the specified
486a57e2622e0076c60148ad1634608afdefc9degryzor        <em class="replaceable"><code>zone</code></em>
486a57e2622e0076c60148ad1634608afdefc9degryzor        using the "zonesub" nametype, allowing updates to
486a57e2622e0076c60148ad1634608afdefc9degryzor            all subdomain names within that
486a57e2622e0076c60148ad1634608afdefc9degryzor            <em class="replaceable"><code>zone</code></em>.
486a57e2622e0076c60148ad1634608afdefc9degryzor        This option cannot be used with the <code class="option">-s</code> option.
486a57e2622e0076c60148ad1634608afdefc9degryzor      </p></dd>
486a57e2622e0076c60148ad1634608afdefc9degryzor</dl></div>
486a57e2622e0076c60148ad1634608afdefc9degryzor</div>
486a57e2622e0076c60148ad1634608afdefc9degryzor<div class="refsect1" lang="en">
486a57e2622e0076c60148ad1634608afdefc9degryzor<a name="id2665127"></a><h2>SEE ALSO</h2>
486a57e2622e0076c60148ad1634608afdefc9degryzor<p><span class="citerefentry"><span class="refentrytitle">nsupdate</span>(1)</span>,
486a57e2622e0076c60148ad1634608afdefc9degryzor      <span class="citerefentry"><span class="refentrytitle">named.conf</span>(5)</span>,
486a57e2622e0076c60148ad1634608afdefc9degryzor      <span class="citerefentry"><span class="refentrytitle">named</span>(8)</span>,
486a57e2622e0076c60148ad1634608afdefc9degryzor      <em class="citetitle">BIND 9 Administrator Reference Manual</em>.
486a57e2622e0076c60148ad1634608afdefc9degryzor    </p>
486a57e2622e0076c60148ad1634608afdefc9degryzor</div>
486a57e2622e0076c60148ad1634608afdefc9degryzor<div class="refsect1" lang="en">
e3e52ec6993de04bb0100e098ce0a569c7001382lgentis<a name="id2665165"></a><h2>AUTHOR</h2>
486a57e2622e0076c60148ad1634608afdefc9degryzor<p><span class="corpauthor">Internet Systems Consortium</span>
486a57e2622e0076c60148ad1634608afdefc9degryzor    </p>
486a57e2622e0076c60148ad1634608afdefc9degryzor</div>
486a57e2622e0076c60148ad1634608afdefc9degryzor</div>
486a57e2622e0076c60148ad1634608afdefc9degryzor<div class="navfooter">
486a57e2622e0076c60148ad1634608afdefc9degryzor<hr>
486a57e2622e0076c60148ad1634608afdefc9degryzor<table width="100%" summary="Navigation footer">
486a57e2622e0076c60148ad1634608afdefc9degryzor<tr>
486a57e2622e0076c60148ad1634608afdefc9degryzor<td width="40%" align="left">
486a57e2622e0076c60148ad1634608afdefc9degryzor<a accesskey="p" href="man.rndc-confgen.html">Prev</a>�</td>
486a57e2622e0076c60148ad1634608afdefc9degryzor<td width="20%" align="center"><a accesskey="u" href="Bv9ARM.ch10.html">Up</a></td>
486a57e2622e0076c60148ad1634608afdefc9degryzor<td width="40%" align="right">�<a accesskey="n" href="man.arpaname.html">Next</a>
486a57e2622e0076c60148ad1634608afdefc9degryzor</td>
486a57e2622e0076c60148ad1634608afdefc9degryzor</tr>
486a57e2622e0076c60148ad1634608afdefc9degryzor<tr>
486a57e2622e0076c60148ad1634608afdefc9degryzor<td width="40%" align="left" valign="top">
486a57e2622e0076c60148ad1634608afdefc9degryzor<span class="application">rndc-confgen</span>�</td>
486a57e2622e0076c60148ad1634608afdefc9degryzor<td width="20%" align="center"><a accesskey="h" href="Bv9ARM.html">Home</a></td>
486a57e2622e0076c60148ad1634608afdefc9degryzor<td width="40%" align="right" valign="top">�<span class="application">arpaname</span>
486a57e2622e0076c60148ad1634608afdefc9degryzor</td>
486a57e2622e0076c60148ad1634608afdefc9degryzor</tr>
486a57e2622e0076c60148ad1634608afdefc9degryzor</table>
486a57e2622e0076c60148ad1634608afdefc9degryzor</div>
486a57e2622e0076c60148ad1634608afdefc9degryzor</body>
486a57e2622e0076c60148ad1634608afdefc9degryzor</html>
486a57e2622e0076c60148ad1634608afdefc9degryzor