man.ddns-confgen.html revision 81199ce5ba7bd719add38189b06987e0a6e583a1
0c04407550130c0ea040b5675f2c214426b27718fuankg - Copyright (C) 2004-2015 Internet Systems Consortium, Inc. ("ISC")
0c04407550130c0ea040b5675f2c214426b27718fuankg - Copyright (C) 2000-2003 Internet Software Consortium.
0c04407550130c0ea040b5675f2c214426b27718fuankg - Permission to use, copy, modify, and/or distribute this software for any
0c04407550130c0ea040b5675f2c214426b27718fuankg - purpose with or without fee is hereby granted, provided that the above
0c04407550130c0ea040b5675f2c214426b27718fuankg - copyright notice and this permission notice appear in all copies.
0c04407550130c0ea040b5675f2c214426b27718fuankg - THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
0c04407550130c0ea040b5675f2c214426b27718fuankg - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
0662ed52e814f8f08ef0e09956413a792584eddffuankg - AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
0c04407550130c0ea040b5675f2c214426b27718fuankg - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
0c04407550130c0ea040b5675f2c214426b27718fuankg - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
0c04407550130c0ea040b5675f2c214426b27718fuankg - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
0c04407550130c0ea040b5675f2c214426b27718fuankg - PERFORMANCE OF THIS SOFTWARE.
0c04407550130c0ea040b5675f2c214426b27718fuankg<!-- $Id$ -->
0c04407550130c0ea040b5675f2c214426b27718fuankg<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
16b55a35cff91315d261d1baa776138af465c4e4fuankg<meta name="generator" content="DocBook XSL Stylesheets V1.71.1">
16b55a35cff91315d261d1baa776138af465c4e4fuankg<link rel="start" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual">
0c04407550130c0ea040b5675f2c214426b27718fuankg<link rel="up" href="Bv9ARM.ch13.html" title="Manual pages">
0c04407550130c0ea040b5675f2c214426b27718fuankg<link rel="prev" href="man.rndc-confgen.html" title="rndc-confgen">
0c04407550130c0ea040b5675f2c214426b27718fuankg<link rel="next" href="man.arpaname.html" title="arpaname">
0c04407550130c0ea040b5675f2c214426b27718fuankg<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
0c04407550130c0ea040b5675f2c214426b27718fuankg<tr><th colspan="3" align="center"><span class="application">ddns-confgen</span></th></tr>
0c04407550130c0ea040b5675f2c214426b27718fuankg<a accesskey="p" href="man.rndc-confgen.html">Prev</a>�</td>
0c04407550130c0ea040b5675f2c214426b27718fuankg<td width="20%" align="right">�<a accesskey="n" href="man.arpaname.html">Next</a>
0c04407550130c0ea040b5675f2c214426b27718fuankg<a name="man.ddns-confgen"></a><div class="titlepage"></div>
0c04407550130c0ea040b5675f2c214426b27718fuankg<p><span class="application">ddns-confgen</span> — ddns key generation tool</p>
0c04407550130c0ea040b5675f2c214426b27718fuankg<div class="cmdsynopsis"><p><code class="command">tsig-keygen</code> [<code class="option">-a <em class="replaceable"><code>algorithm</code></em></code>] [<code class="option">-h</code>] [<code class="option">-r <em class="replaceable"><code>randomfile</code></em></code>] [name]</p></div>
0c04407550130c0ea040b5675f2c214426b27718fuankg<div class="cmdsynopsis"><p><code class="command">ddns-confgen</code> [<code class="option">-a <em class="replaceable"><code>algorithm</code></em></code>] [<code class="option">-h</code>] [<code class="option">-k <em class="replaceable"><code>keyname</code></em></code>] [<code class="option">-q</code>] [<code class="option">-r <em class="replaceable"><code>randomfile</code></em></code>] [ -s <em class="replaceable"><code>name</code></em> | -z <em class="replaceable"><code>zone</code></em> ]</p></div>
0c04407550130c0ea040b5675f2c214426b27718fuankg <span><strong class="command">tsig-keygen</strong></span> and <span><strong class="command">ddns-confgen</strong></span>
0c04407550130c0ea040b5675f2c214426b27718fuankg are invocation methods for a utility that generates keys for use
0c04407550130c0ea040b5675f2c214426b27718fuankg in TSIG signing. The resulting keys can be used, for example,
0c04407550130c0ea040b5675f2c214426b27718fuankg to secure dynamic DNS updates to a zone or for the
0c04407550130c0ea040b5675f2c214426b27718fuankg <span><strong class="command">rndc</strong></span> command channel.
0c04407550130c0ea040b5675f2c214426b27718fuankg When run as <span><strong class="command">tsig-keygen</strong></span>, a domain name
0c04407550130c0ea040b5675f2c214426b27718fuankg can be specified on the command line which will be used as
0c04407550130c0ea040b5675f2c214426b27718fuankg the name of the generated key. If no name is specified,
0c04407550130c0ea040b5675f2c214426b27718fuankg the default is <code class="constant">tsig-key</code>.
0c04407550130c0ea040b5675f2c214426b27718fuankg When run as <span><strong class="command">ddns-confgen</strong></span>, the generated
0c04407550130c0ea040b5675f2c214426b27718fuankg key is accompanied by configuration text and instructions
0c04407550130c0ea040b5675f2c214426b27718fuankg that can be used with <span><strong class="command">nsupdate</strong></span> and
0c04407550130c0ea040b5675f2c214426b27718fuankg <span><strong class="command">named</strong></span> when setting up dynamic DNS,
0c04407550130c0ea040b5675f2c214426b27718fuankg including an example <span><strong class="command">update-policy</strong></span>
0c04407550130c0ea040b5675f2c214426b27718fuankg statement. (This usage similar to the
0c04407550130c0ea040b5675f2c214426b27718fuankg <span><strong class="command">rndc-confgen</strong></span> command for setting
0c04407550130c0ea040b5675f2c214426b27718fuankg up command channel security.)
0c04407550130c0ea040b5675f2c214426b27718fuankg Note that <span><strong class="command">named</strong></span> itself can configure a
0c04407550130c0ea040b5675f2c214426b27718fuankg local DDNS key for use with <span><strong class="command">nsupdate -l</strong></span>:
0c04407550130c0ea040b5675f2c214426b27718fuankg it does this when a zone is configured with
0c04407550130c0ea040b5675f2c214426b27718fuankg <span><strong class="command">update-policy local;</strong></span>.
0c04407550130c0ea040b5675f2c214426b27718fuankg <span><strong class="command">ddns-confgen</strong></span> is only needed when a
0c04407550130c0ea040b5675f2c214426b27718fuankg more elaborate configuration is required: for instance,
0c04407550130c0ea040b5675f2c214426b27718fuankg if <span><strong class="command">nsupdate</strong></span> is to be used from a remote
0c04407550130c0ea040b5675f2c214426b27718fuankg<dt><span class="term">-a <em class="replaceable"><code>algorithm</code></em></span></dt>
0c04407550130c0ea040b5675f2c214426b27718fuankg Specifies the algorithm to use for the TSIG key. Available
ea1b70b7a14558cc058b9a1fc31d78afb093f529fuankg choices are: hmac-md5, hmac-sha1, hmac-sha224, hmac-sha256,
0c04407550130c0ea040b5675f2c214426b27718fuankg hmac-sha384 and hmac-sha512. The default is hmac-sha256.
0c04407550130c0ea040b5675f2c214426b27718fuankg Options are case-insensitive, and the "hmac-" prefix
0c04407550130c0ea040b5675f2c214426b27718fuankg may be omitted.
0c04407550130c0ea040b5675f2c214426b27718fuankg Prints a short summary of options and arguments.
0c04407550130c0ea040b5675f2c214426b27718fuankg<dt><span class="term">-k <em class="replaceable"><code>keyname</code></em></span></dt>
0c04407550130c0ea040b5675f2c214426b27718fuankg Specifies the key name of the DDNS authentication key.
0c04407550130c0ea040b5675f2c214426b27718fuankg The default is <code class="constant">ddns-key</code> when neither
0c04407550130c0ea040b5675f2c214426b27718fuankg the <code class="option">-s</code> nor <code class="option">-z</code> option is
0c04407550130c0ea040b5675f2c214426b27718fuankg specified; otherwise, the default
0c04407550130c0ea040b5675f2c214426b27718fuankg is <code class="constant">ddns-key</code> as a separate label
0662ed52e814f8f08ef0e09956413a792584eddffuankg followed by the argument of the option, e.g.,
0c04407550130c0ea040b5675f2c214426b27718fuankg The key name must have the format of a valid domain name,
0c04407550130c0ea040b5675f2c214426b27718fuankg consisting of letters, digits, hyphens and periods.
0c04407550130c0ea040b5675f2c214426b27718fuankg (<span><strong class="command">ddns-confgen</strong></span> only.) Quiet mode: Print
0c04407550130c0ea040b5675f2c214426b27718fuankg only the key, with no explanatory text or usage examples;
0c04407550130c0ea040b5675f2c214426b27718fuankg This is essentially identical to <span><strong class="command">tsig-keygen</strong></span>.
0c04407550130c0ea040b5675f2c214426b27718fuankg<dt><span class="term">-r <em class="replaceable"><code>randomfile</code></em></span></dt>
0662ed52e814f8f08ef0e09956413a792584eddffuankg Specifies a source of random data for generating the
0c04407550130c0ea040b5675f2c214426b27718fuankg authorization. If the operating system does not provide a
0c04407550130c0ea040b5675f2c214426b27718fuankg <code class="filename">/dev/random</code> or equivalent device, the
0c04407550130c0ea040b5675f2c214426b27718fuankg default source of randomness is keyboard input.
0c04407550130c0ea040b5675f2c214426b27718fuankg <code class="filename">randomdev</code> specifies the name of a
0662ed52e814f8f08ef0e09956413a792584eddffuankg character device or file containing random data to be used
0c04407550130c0ea040b5675f2c214426b27718fuankg instead of the default. The special value
0c04407550130c0ea040b5675f2c214426b27718fuankg <code class="filename">keyboard</code> indicates that keyboard input
0c04407550130c0ea040b5675f2c214426b27718fuankg should be used.
0c04407550130c0ea040b5675f2c214426b27718fuankg<dt><span class="term">-s <em class="replaceable"><code>name</code></em></span></dt>
0c04407550130c0ea040b5675f2c214426b27718fuankg (<span><strong class="command">ddns-confgen</strong></span> only.)
0c04407550130c0ea040b5675f2c214426b27718fuankg Generate configuration example to allow dynamic updates
0c04407550130c0ea040b5675f2c214426b27718fuankg of a single hostname. The example <span><strong class="command">named.conf</strong></span>
0662ed52e814f8f08ef0e09956413a792584eddffuankg text shows how to set an update policy for the specified
0c04407550130c0ea040b5675f2c214426b27718fuankg using the "name" nametype. The default key name is
0c04407550130c0ea040b5675f2c214426b27718fuankg ddns-key.<em class="replaceable"><code>name</code></em>.
0c04407550130c0ea040b5675f2c214426b27718fuankg Note that the "self" nametype cannot be used, since
0c04407550130c0ea040b5675f2c214426b27718fuankg the name to be updated may differ from the key name.
0c04407550130c0ea040b5675f2c214426b27718fuankg This option cannot be used with the <code class="option">-z</code> option.
0c04407550130c0ea040b5675f2c214426b27718fuankg<dt><span class="term">-z <em class="replaceable"><code>zone</code></em></span></dt>
0c04407550130c0ea040b5675f2c214426b27718fuankg (<span><strong class="command">ddns-confgen</strong></span> only.)
0c04407550130c0ea040b5675f2c214426b27718fuankg Generate configuration example to allow dynamic updates
0c04407550130c0ea040b5675f2c214426b27718fuankg of a zone: The example <span><strong class="command">named.conf</strong></span> text
0c04407550130c0ea040b5675f2c214426b27718fuankg shows how to set an update policy for the specified
0c04407550130c0ea040b5675f2c214426b27718fuankg using the "zonesub" nametype, allowing updates to
0c04407550130c0ea040b5675f2c214426b27718fuankg all subdomain names within that
0c04407550130c0ea040b5675f2c214426b27718fuankg This option cannot be used with the <code class="option">-s</code> option.
0c04407550130c0ea040b5675f2c214426b27718fuankg<p><span class="citerefentry"><span class="refentrytitle">nsupdate</span>(1)</span>,
0c04407550130c0ea040b5675f2c214426b27718fuankg <span class="citerefentry"><span class="refentrytitle">named.conf</span>(5)</span>,
0c04407550130c0ea040b5675f2c214426b27718fuankg <span class="citerefentry"><span class="refentrytitle">named</span>(8)</span>,
0c04407550130c0ea040b5675f2c214426b27718fuankg <em class="citetitle">BIND 9 Administrator Reference Manual</em>.
0c04407550130c0ea040b5675f2c214426b27718fuankg<p><span class="corpauthor">Internet Systems Consortium</span>
0c04407550130c0ea040b5675f2c214426b27718fuankg<a accesskey="p" href="man.rndc-confgen.html">Prev</a>�</td>
0c04407550130c0ea040b5675f2c214426b27718fuankg<td width="20%" align="center"><a accesskey="u" href="Bv9ARM.ch13.html">Up</a></td>
0c04407550130c0ea040b5675f2c214426b27718fuankg<td width="40%" align="right">�<a accesskey="n" href="man.arpaname.html">Next</a>
0c04407550130c0ea040b5675f2c214426b27718fuankg<td width="20%" align="center"><a accesskey="h" href="Bv9ARM.html">Home</a></td>
0c04407550130c0ea040b5675f2c214426b27718fuankg<td width="40%" align="right" valign="top">�<span class="application">arpaname</span>
0c04407550130c0ea040b5675f2c214426b27718fuankg<p style="text-align: center;">BIND 9.11.0pre-alpha</p>