man.ddns-confgen.html revision 9c716f839c5dc2a9e236dada3af83b03e863078b
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein - Copyright (C) 2004-2015 Internet Systems Consortium, Inc. ("ISC")
32098293b78922a5fbd10906afa28624820d3756Tinderbox User - Copyright (C) 2000-2003 Internet Software Consortium.
5347c0fcb04eaea19d9f39795646239f487c6207Tinderbox User - Permission to use, copy, modify, and/or distribute this software for any
5347c0fcb04eaea19d9f39795646239f487c6207Tinderbox User - purpose with or without fee is hereby granted, provided that the above
5347c0fcb04eaea19d9f39795646239f487c6207Tinderbox User - copyright notice and this permission notice appear in all copies.
d6fa26d0adaec6c910115be34fe7a5a5f402c14fMark Andrews - THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein - AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein - PERFORMANCE OF THIS SOFTWARE.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<!-- $Id$ -->
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<meta name="generator" content="DocBook XSL Stylesheets V1.71.1">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<link rel="start" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<link rel="up" href="Bv9ARM.ch13.html" title="Manual pages">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<link rel="prev" href="man.rndc-confgen.html" title="rndc-confgen">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<link rel="next" href="man.arpaname.html" title="arpaname">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User<table width="100%" summary="Navigation header">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<tr><th colspan="3" align="center"><span class="application">ddns-confgen</span></th></tr>
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User<a accesskey="p" href="man.rndc-confgen.html">Prev</a>�</td>
0b89eee6167201843c9a46b7e7c63cb1e4e09ba3Tinderbox User<th width="60%" align="center">Manual pages</th>
32098293b78922a5fbd10906afa28624820d3756Tinderbox User<td width="20%" align="right">�<a accesskey="n" href="man.arpaname.html">Next</a>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<a name="man.ddns-confgen"></a><div class="titlepage"></div>
af40ebed6257e4ac1996144530b3de317cf4da11Tinderbox User<p><span class="application">ddns-confgen</span> — ddns key generation tool</p>
af40ebed6257e4ac1996144530b3de317cf4da11Tinderbox User<div class="cmdsynopsis"><p><code class="command">tsig-keygen</code> [<code class="option">-a <em class="replaceable"><code>algorithm</code></em></code>] [<code class="option">-h</code>] [<code class="option">-r <em class="replaceable"><code>randomfile</code></em></code>] [name]</p></div>
af40ebed6257e4ac1996144530b3de317cf4da11Tinderbox User<div class="cmdsynopsis"><p><code class="command">ddns-confgen</code> [<code class="option">-a <em class="replaceable"><code>algorithm</code></em></code>] [<code class="option">-h</code>] [<code class="option">-k <em class="replaceable"><code>keyname</code></em></code>] [<code class="option">-q</code>] [<code class="option">-r <em class="replaceable"><code>randomfile</code></em></code>] [ -s <em class="replaceable"><code>name</code></em> | -z <em class="replaceable"><code>zone</code></em> ]</p></div>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein <span><strong class="command">tsig-keygen</strong></span> and <span><strong class="command">ddns-confgen</strong></span>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein are invocation methods for a utility that generates keys for use
71c66a876ecca77923638d3f94cc0783152b2f03Mark Andrews in TSIG signing. The resulting keys can be used, for example,
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein to secure dynamic DNS updates to a zone or for the
af40ebed6257e4ac1996144530b3de317cf4da11Tinderbox User <span><strong class="command">rndc</strong></span> command channel.
af40ebed6257e4ac1996144530b3de317cf4da11Tinderbox User When run as <span><strong class="command">tsig-keygen</strong></span>, a domain name
af40ebed6257e4ac1996144530b3de317cf4da11Tinderbox User can be specified on the command line which will be used as
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein the name of the generated key. If no name is specified,
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein the default is <code class="constant">tsig-key</code>.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein When run as <span><strong class="command">ddns-confgen</strong></span>, the generated
af40ebed6257e4ac1996144530b3de317cf4da11Tinderbox User key is accompanied by configuration text and instructions
af40ebed6257e4ac1996144530b3de317cf4da11Tinderbox User that can be used with <span><strong class="command">nsupdate</strong></span> and
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein <span><strong class="command">named</strong></span> when setting up dynamic DNS,
af40ebed6257e4ac1996144530b3de317cf4da11Tinderbox User including an example <span><strong class="command">update-policy</strong></span>
af40ebed6257e4ac1996144530b3de317cf4da11Tinderbox User statement. (This usage similar to the
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein <span><strong class="command">rndc-confgen</strong></span> command for setting
af40ebed6257e4ac1996144530b3de317cf4da11Tinderbox User up command channel security.)
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein Note that <span><strong class="command">named</strong></span> itself can configure a
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein local DDNS key for use with <span><strong class="command">nsupdate -l</strong></span>:
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein it does this when a zone is configured with
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt <span><strong class="command">update-policy local;</strong></span>.
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt <span><strong class="command">ddns-confgen</strong></span> is only needed when a
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt more elaborate configuration is required: for instance,
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt if <span><strong class="command">nsupdate</strong></span> is to be used from a remote
2b4d1b54f6ca406b8233d9e6fea9593df6dad035Tinderbox User<dt><span class="term">-a <em class="replaceable"><code>algorithm</code></em></span></dt>
2b4d1b54f6ca406b8233d9e6fea9593df6dad035Tinderbox User Specifies the algorithm to use for the TSIG key. Available
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein choices are: hmac-md5, hmac-sha1, hmac-sha224, hmac-sha256,
af40ebed6257e4ac1996144530b3de317cf4da11Tinderbox User hmac-sha384 and hmac-sha512. The default is hmac-sha256.
af40ebed6257e4ac1996144530b3de317cf4da11Tinderbox User Options are case-insensitive, and the "hmac-" prefix
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt may be omitted.
af40ebed6257e4ac1996144530b3de317cf4da11Tinderbox User Prints a short summary of options and arguments.
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt<dt><span class="term">-k <em class="replaceable"><code>keyname</code></em></span></dt>
17fdbf542a0db30107b200403c51a72fe62c218dTinderbox User Specifies the key name of the DDNS authentication key.
17fdbf542a0db30107b200403c51a72fe62c218dTinderbox User The default is <code class="constant">ddns-key</code> when neither
17fdbf542a0db30107b200403c51a72fe62c218dTinderbox User the <code class="option">-s</code> nor <code class="option">-z</code> option is
17fdbf542a0db30107b200403c51a72fe62c218dTinderbox User specified; otherwise, the default
17fdbf542a0db30107b200403c51a72fe62c218dTinderbox User is <code class="constant">ddns-key</code> as a separate label
17fdbf542a0db30107b200403c51a72fe62c218dTinderbox User followed by the argument of the option, e.g.,
17fdbf542a0db30107b200403c51a72fe62c218dTinderbox User <code class="constant">ddns-key.example.com.</code>
17fdbf542a0db30107b200403c51a72fe62c218dTinderbox User The key name must have the format of a valid domain name,
17fdbf542a0db30107b200403c51a72fe62c218dTinderbox User consisting of letters, digits, hyphens and periods.
17fdbf542a0db30107b200403c51a72fe62c218dTinderbox User (<span><strong class="command">ddns-confgen</strong></span> only.) Quiet mode: Print
6f64d4ab8e68f9b2333bcbfc755396d29a4a9d7cAutomatic Updater only the key, with no explanatory text or usage examples;
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt This is essentially identical to <span><strong class="command">tsig-keygen</strong></span>.
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User<dt><span class="term">-r <em class="replaceable"><code>randomfile</code></em></span></dt>
bbbf2e27d3a981163dab139497d6b2dc85449db0Tinderbox User Specifies a source of random data for generating the
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt authorization. If the operating system does not provide a
bbbf2e27d3a981163dab139497d6b2dc85449db0Tinderbox User <code class="filename">/dev/random</code> or equivalent device, the
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User default source of randomness is keyboard input.
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User <code class="filename">randomdev</code> specifies the name of a
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User character device or file containing random data to be used
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User instead of the default. The special value
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User <code class="filename">keyboard</code> indicates that keyboard input
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User should be used.
44d0f0256fbdce130a18655023c3b06bacacbd61Automatic Updater<dt><span class="term">-s <em class="replaceable"><code>name</code></em></span></dt>
44d0f0256fbdce130a18655023c3b06bacacbd61Automatic Updater (<span><strong class="command">ddns-confgen</strong></span> only.)
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User Generate configuration example to allow dynamic updates
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User of a single hostname. The example <span><strong class="command">named.conf</strong></span>
bcf15a19ae0efa72a22cdfb50666a3c6ce39eb9fTinderbox User text shows how to set an update policy for the specified
bcf15a19ae0efa72a22cdfb50666a3c6ce39eb9fTinderbox User using the "name" nametype. The default key name is
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User ddns-key.<em class="replaceable"><code>name</code></em>.
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User Note that the "self" nametype cannot be used, since
983df82baf1d7d0b668c98cf45928a19f175c6e7Tinderbox User the name to be updated may differ from the key name.
260e8e04b0dc24cb884c789b5d9eb046457f264eTinderbox User This option cannot be used with the <code class="option">-z</code> option.
260e8e04b0dc24cb884c789b5d9eb046457f264eTinderbox User<dt><span class="term">-z <em class="replaceable"><code>zone</code></em></span></dt>
260e8e04b0dc24cb884c789b5d9eb046457f264eTinderbox User (<span><strong class="command">ddns-confgen</strong></span> only.)
260e8e04b0dc24cb884c789b5d9eb046457f264eTinderbox User Generate configuration example to allow dynamic updates
af40ebed6257e4ac1996144530b3de317cf4da11Tinderbox User of a zone: The example <span><strong class="command">named.conf</strong></span> text
983df82baf1d7d0b668c98cf45928a19f175c6e7Tinderbox User shows how to set an update policy for the specified
260e8e04b0dc24cb884c789b5d9eb046457f264eTinderbox User <em class="replaceable"><code>zone</code></em>
260e8e04b0dc24cb884c789b5d9eb046457f264eTinderbox User using the "zonesub" nametype, allowing updates to
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein all subdomain names within that
71c66a876ecca77923638d3f94cc0783152b2f03Mark Andrews This option cannot be used with the <code class="option">-s</code> option.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<p><span class="citerefentry"><span class="refentrytitle">nsupdate</span>(1)</span>,
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt <span class="citerefentry"><span class="refentrytitle">named.conf</span>(5)</span>,
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein <span class="citerefentry"><span class="refentrytitle">named</span>(8)</span>,
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt <em class="citetitle">BIND 9 Administrator Reference Manual</em>.
af40ebed6257e4ac1996144530b3de317cf4da11Tinderbox User<p><span class="corpauthor">Internet Systems Consortium</span>
af40ebed6257e4ac1996144530b3de317cf4da11Tinderbox User<table width="100%" summary="Navigation footer">
af40ebed6257e4ac1996144530b3de317cf4da11Tinderbox User<a accesskey="p" href="man.rndc-confgen.html">Prev</a>�</td>
af40ebed6257e4ac1996144530b3de317cf4da11Tinderbox User<td width="20%" align="center"><a accesskey="u" href="Bv9ARM.ch13.html">Up</a></td>
af40ebed6257e4ac1996144530b3de317cf4da11Tinderbox User<td width="40%" align="right">�<a accesskey="n" href="man.arpaname.html">Next</a>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<span class="application">rndc-confgen</span>�</td>
af40ebed6257e4ac1996144530b3de317cf4da11Tinderbox User<td width="20%" align="center"><a accesskey="h" href="Bv9ARM.html">Home</a></td>
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt<td width="40%" align="right" valign="top">�<span class="application">arpaname</span>
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt<p style="text-align: center;">BIND 9.11.0pre-alpha</p>