man.ddns-confgen.html revision 8dcec3cf256105c620d02d5c84c9ccbfe495ca8d
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek - Copyright (C) 2000-2016 Internet Systems Consortium, Inc. ("ISC")
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek - This Source Code Form is subject to the terms of the Mozilla Public
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek - License, v. 2.0. If a copy of the MPL was not distributed with this
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek - file, You can obtain one at http://mozilla.org/MPL/2.0/.
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek<meta name="generator" content="DocBook XSL Stylesheets V1.78.1">
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek<link rel="home" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual">
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek<link rel="up" href="Bv9ARM.ch13.html" title="Manual pages">
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek<link rel="prev" href="man.rndc-confgen.html" title="rndc-confgen">
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek<link rel="next" href="man.arpaname.html" title="arpaname">
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek<table width="100%" summary="Navigation header">
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek<tr><th colspan="3" align="center"><span class="application">ddns-confgen</span></th></tr>
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek<a accesskey="p" href="man.rndc-confgen.html">Prev</a>�</td>
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek<th width="60%" align="center">Manual pages</th>
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek<td width="20%" align="right">�<a accesskey="n" href="man.arpaname.html">Next</a>
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek<a name="man.ddns-confgen"></a><div class="titlepage"></div>
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek — ddns key generation tool
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek [<code class="option">-a <em class="replaceable"><code>algorithm</code></em></code>]
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek [<code class="option">-r <em class="replaceable"><code>randomfile</code></em></code>]
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek [<code class="option">-a <em class="replaceable"><code>algorithm</code></em></code>]
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek [<code class="option">-k <em class="replaceable"><code>keyname</code></em></code>]
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek [<code class="option">-r <em class="replaceable"><code>randomfile</code></em></code>]
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek -s <em class="replaceable"><code>name</code></em>
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek | -z <em class="replaceable"><code>zone</code></em>
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek<a name="id-1.14.30.7"></a><h2>DESCRIPTION</h2>
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek <span class="command"><strong>tsig-keygen</strong></span> and <span class="command"><strong>ddns-confgen</strong></span>
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek are invocation methods for a utility that generates keys for use
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek in TSIG signing. The resulting keys can be used, for example,
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek to secure dynamic DNS updates to a zone or for the
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek <span class="command"><strong>rndc</strong></span> command channel.
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek When run as <span class="command"><strong>tsig-keygen</strong></span>, a domain name
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek can be specified on the command line which will be used as
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek the name of the generated key. If no name is specified,
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek the default is <code class="constant">tsig-key</code>.
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek When run as <span class="command"><strong>ddns-confgen</strong></span>, the generated
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek key is accompanied by configuration text and instructions
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek that can be used with <span class="command"><strong>nsupdate</strong></span> and
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek <span class="command"><strong>named</strong></span> when setting up dynamic DNS,
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek including an example <span class="command"><strong>update-policy</strong></span>
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek statement. (This usage similar to the
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek <span class="command"><strong>rndc-confgen</strong></span> command for setting
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek up command channel security.)
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek Note that <span class="command"><strong>named</strong></span> itself can configure a
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek local DDNS key for use with <span class="command"><strong>nsupdate -l</strong></span>:
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek it does this when a zone is configured with
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek <span class="command"><strong>update-policy local;</strong></span>.
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek <span class="command"><strong>ddns-confgen</strong></span> is only needed when a
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek more elaborate configuration is required: for instance,
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek if <span class="command"><strong>nsupdate</strong></span> is to be used from a remote
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek <div class="variablelist"><dl class="variablelist">
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek<dt><span class="term">-a <em class="replaceable"><code>algorithm</code></em></span></dt>
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek Specifies the algorithm to use for the TSIG key. Available
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek choices are: hmac-md5, hmac-sha1, hmac-sha224, hmac-sha256,
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek hmac-sha384 and hmac-sha512. The default is hmac-sha256.
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek Options are case-insensitive, and the "hmac-" prefix
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek may be omitted.
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek Prints a short summary of options and arguments.
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek<dt><span class="term">-k <em class="replaceable"><code>keyname</code></em></span></dt>
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek Specifies the key name of the DDNS authentication key.
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek The default is <code class="constant">ddns-key</code> when neither
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek the <code class="option">-s</code> nor <code class="option">-z</code> option is
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek specified; otherwise, the default
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek is <code class="constant">ddns-key</code> as a separate label
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek followed by the argument of the option, e.g.,
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek <code class="constant">ddns-key.example.com.</code>
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek The key name must have the format of a valid domain name,
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek consisting of letters, digits, hyphens and periods.
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek (<span class="command"><strong>ddns-confgen</strong></span> only.) Quiet mode: Print
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek only the key, with no explanatory text or usage examples;
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek This is essentially identical to <span class="command"><strong>tsig-keygen</strong></span>.
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek<dt><span class="term">-r <em class="replaceable"><code>randomfile</code></em></span></dt>
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek Specifies a source of random data for generating the
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek authorization. If the operating system does not provide a
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek <code class="filename">/dev/random</code> or equivalent device, the
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek default source of randomness is keyboard input.
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek <code class="filename">randomdev</code> specifies the name of a
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek character device or file containing random data to be used
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek instead of the default. The special value
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek <code class="filename">keyboard</code> indicates that keyboard input
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek should be used.
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek<dt><span class="term">-s <em class="replaceable"><code>name</code></em></span></dt>
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek (<span class="command"><strong>ddns-confgen</strong></span> only.)
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek Generate configuration example to allow dynamic updates
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek of a single hostname. The example <span class="command"><strong>named.conf</strong></span>
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek text shows how to set an update policy for the specified
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek <em class="replaceable"><code>name</code></em>
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek using the "name" nametype. The default key name is
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek ddns-key.<em class="replaceable"><code>name</code></em>.
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek Note that the "self" nametype cannot be used, since
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek the name to be updated may differ from the key name.
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek This option cannot be used with the <code class="option">-z</code> option.
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek<dt><span class="term">-z <em class="replaceable"><code>zone</code></em></span></dt>
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek (<span class="command"><strong>ddns-confgen</strong></span> only.)
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek Generate configuration example to allow dynamic updates
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek of a zone: The example <span class="command"><strong>named.conf</strong></span> text
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek shows how to set an update policy for the specified
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek <em class="replaceable"><code>zone</code></em>
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek using the "zonesub" nametype, allowing updates to
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek all subdomain names within that
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek <em class="replaceable"><code>zone</code></em>.
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek This option cannot be used with the <code class="option">-s</code> option.
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek <span class="refentrytitle">nsupdate</span>(1)
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek <span class="refentrytitle">named.conf</span>(5)
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek <em class="citetitle">BIND 9 Administrator Reference Manual</em>.
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek<table width="100%" summary="Navigation footer">
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek<a accesskey="p" href="man.rndc-confgen.html">Prev</a>�</td>
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek<td width="20%" align="center"><a accesskey="u" href="Bv9ARM.ch13.html">Up</a></td>
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek<td width="40%" align="right">�<a accesskey="n" href="man.arpaname.html">Next</a>
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek<span class="application">rndc-confgen</span>�</td>
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek<td width="20%" align="center"><a accesskey="h" href="Bv9ARM.html">Home</a></td>
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek<td width="40%" align="right" valign="top">�<span class="application">arpaname</span>
7b1019a6d29ccb7999dc76cba3dde1c627e8e609Jerry Jelinek<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.11.1rc2</p>