man.ddns-confgen.html revision c0cbdeedb5e119c640f098da1851cb1b9adcc739
c3c8823fed039b3a2b8e5ca8bc2f3301d1dd840eMark Andrews - Copyright (C) 2004-2015 Internet Systems Consortium, Inc. ("ISC")
f6b909274159da7aaad8463c90f15018136cf6cbTinderbox User - Copyright (C) 2000-2003 Internet Software Consortium.
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews - Permission to use, copy, modify, and/or distribute this software for any
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews - purpose with or without fee is hereby granted, provided that the above
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews - copyright notice and this permission notice appear in all copies.
c3c8823fed039b3a2b8e5ca8bc2f3301d1dd840eMark Andrews - THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
c3c8823fed039b3a2b8e5ca8bc2f3301d1dd840eMark Andrews - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
c3c8823fed039b3a2b8e5ca8bc2f3301d1dd840eMark Andrews - AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
c3c8823fed039b3a2b8e5ca8bc2f3301d1dd840eMark Andrews - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
c3c8823fed039b3a2b8e5ca8bc2f3301d1dd840eMark Andrews - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
c3c8823fed039b3a2b8e5ca8bc2f3301d1dd840eMark Andrews - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
c3c8823fed039b3a2b8e5ca8bc2f3301d1dd840eMark Andrews - PERFORMANCE OF THIS SOFTWARE.
dbb012765c735ee0d82dedb116cdc7cf18957814Evan Hunt<!-- $Id$ -->
c3c8823fed039b3a2b8e5ca8bc2f3301d1dd840eMark Andrews<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
c3c8823fed039b3a2b8e5ca8bc2f3301d1dd840eMark Andrews<meta name="generator" content="DocBook XSL Stylesheets V1.71.1">
cc51cd2d2076e33117c60c9effcb8caccde4983bWitold Krecicki<link rel="start" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual">
cc51cd2d2076e33117c60c9effcb8caccde4983bWitold Krecicki<link rel="up" href="Bv9ARM.ch13.html" title="Manual pages">
c3c8823fed039b3a2b8e5ca8bc2f3301d1dd840eMark Andrews<link rel="prev" href="man.rndc-confgen.html" title="rndc-confgen">
c3c8823fed039b3a2b8e5ca8bc2f3301d1dd840eMark Andrews<link rel="next" href="man.arpaname.html" title="arpaname">
c3c8823fed039b3a2b8e5ca8bc2f3301d1dd840eMark Andrews<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
c3c8823fed039b3a2b8e5ca8bc2f3301d1dd840eMark Andrews<table width="100%" summary="Navigation header">
c3c8823fed039b3a2b8e5ca8bc2f3301d1dd840eMark Andrews<tr><th colspan="3" align="center"><span class="application">ddns-confgen</span></th></tr>
c3c8823fed039b3a2b8e5ca8bc2f3301d1dd840eMark Andrews<a accesskey="p" href="man.rndc-confgen.html">Prev</a>�</td>
c3c8823fed039b3a2b8e5ca8bc2f3301d1dd840eMark Andrews<th width="60%" align="center">Manual pages</th>
2ae159b376dac23870d8005563c585acf85a4b5aEvan Hunt<td width="20%" align="right">�<a accesskey="n" href="man.arpaname.html">Next</a>
c3c8823fed039b3a2b8e5ca8bc2f3301d1dd840eMark Andrews<a name="man.ddns-confgen"></a><div class="titlepage"></div>
c3c8823fed039b3a2b8e5ca8bc2f3301d1dd840eMark Andrews<p><span class="application">ddns-confgen</span> — ddns key generation tool</p>
c3c8823fed039b3a2b8e5ca8bc2f3301d1dd840eMark Andrews<div class="cmdsynopsis"><p><code class="command">tsig-keygen</code> [<code class="option">-a <em class="replaceable"><code>algorithm</code></em></code>] [<code class="option">-h</code>] [<code class="option">-r <em class="replaceable"><code>randomfile</code></em></code>] [name]</p></div>
c3c8823fed039b3a2b8e5ca8bc2f3301d1dd840eMark Andrews<div class="cmdsynopsis"><p><code class="command">ddns-confgen</code> [<code class="option">-a <em class="replaceable"><code>algorithm</code></em></code>] [<code class="option">-h</code>] [<code class="option">-k <em class="replaceable"><code>keyname</code></em></code>] [<code class="option">-q</code>] [<code class="option">-r <em class="replaceable"><code>randomfile</code></em></code>] [ -s <em class="replaceable"><code>name</code></em> | -z <em class="replaceable"><code>zone</code></em> ]</p></div>
c3c8823fed039b3a2b8e5ca8bc2f3301d1dd840eMark Andrews <span><strong class="command">tsig-keygen</strong></span> and <span><strong class="command">ddns-confgen</strong></span>
c3c8823fed039b3a2b8e5ca8bc2f3301d1dd840eMark Andrews are invocation methods for a utility that generates keys for use
c3c8823fed039b3a2b8e5ca8bc2f3301d1dd840eMark Andrews in TSIG signing. The resulting keys can be used, for example,
c3c8823fed039b3a2b8e5ca8bc2f3301d1dd840eMark Andrews to secure dynamic DNS updates to a zone or for the
c3c8823fed039b3a2b8e5ca8bc2f3301d1dd840eMark Andrews <span><strong class="command">rndc</strong></span> command channel.
c3c8823fed039b3a2b8e5ca8bc2f3301d1dd840eMark Andrews When run as <span><strong class="command">tsig-keygen</strong></span>, a domain name
c3c8823fed039b3a2b8e5ca8bc2f3301d1dd840eMark Andrews can be specified on the command line which will be used as
c3c8823fed039b3a2b8e5ca8bc2f3301d1dd840eMark Andrews the name of the generated key. If no name is specified,
c3c8823fed039b3a2b8e5ca8bc2f3301d1dd840eMark Andrews the default is <code class="constant">tsig-key</code>.
c3c8823fed039b3a2b8e5ca8bc2f3301d1dd840eMark Andrews When run as <span><strong class="command">ddns-confgen</strong></span>, the generated
c3c8823fed039b3a2b8e5ca8bc2f3301d1dd840eMark Andrews key is accompanied by configuration text and instructions
c3c8823fed039b3a2b8e5ca8bc2f3301d1dd840eMark Andrews that can be used with <span><strong class="command">nsupdate</strong></span> and
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt <span><strong class="command">named</strong></span> when setting up dynamic DNS,
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt including an example <span><strong class="command">update-policy</strong></span>
c3c8823fed039b3a2b8e5ca8bc2f3301d1dd840eMark Andrews statement. (This usage similar to the
c3c8823fed039b3a2b8e5ca8bc2f3301d1dd840eMark Andrews <span><strong class="command">rndc-confgen</strong></span> command for setting
9f5443280fcfd625a06f63a1b457ed2335840278Mark Andrews up command channel security.)
095c47be5456c17087d7b39dfc97ebee65e0dfbbMark Andrews Note that <span><strong class="command">named</strong></span> itself can configure a
095c47be5456c17087d7b39dfc97ebee65e0dfbbMark Andrews local DDNS key for use with <span><strong class="command">nsupdate -l</strong></span>:
095c47be5456c17087d7b39dfc97ebee65e0dfbbMark Andrews it does this when a zone is configured with
095c47be5456c17087d7b39dfc97ebee65e0dfbbMark Andrews <span><strong class="command">update-policy local;</strong></span>.
095c47be5456c17087d7b39dfc97ebee65e0dfbbMark Andrews <span><strong class="command">ddns-confgen</strong></span> is only needed when a
095c47be5456c17087d7b39dfc97ebee65e0dfbbMark Andrews more elaborate configuration is required: for instance,
095c47be5456c17087d7b39dfc97ebee65e0dfbbMark Andrews if <span><strong class="command">nsupdate</strong></span> is to be used from a remote
c3c8823fed039b3a2b8e5ca8bc2f3301d1dd840eMark Andrews<dt><span class="term">-a <em class="replaceable"><code>algorithm</code></em></span></dt>
c3c8823fed039b3a2b8e5ca8bc2f3301d1dd840eMark Andrews Specifies the algorithm to use for the TSIG key. Available
cc51cd2d2076e33117c60c9effcb8caccde4983bWitold Krecicki choices are: hmac-md5, hmac-sha1, hmac-sha224, hmac-sha256,
c3c8823fed039b3a2b8e5ca8bc2f3301d1dd840eMark Andrews hmac-sha384 and hmac-sha512. The default is hmac-sha256.
c3c8823fed039b3a2b8e5ca8bc2f3301d1dd840eMark Andrews Options are case-insensitive, and the "hmac-" prefix
c3c8823fed039b3a2b8e5ca8bc2f3301d1dd840eMark Andrews may be omitted.
c3c8823fed039b3a2b8e5ca8bc2f3301d1dd840eMark Andrews Prints a short summary of options and arguments.
1059bc2e42e8214f8b73d3b4cd181d8394a94a6aFrancis Dupont<dt><span class="term">-k <em class="replaceable"><code>keyname</code></em></span></dt>
c3c8823fed039b3a2b8e5ca8bc2f3301d1dd840eMark Andrews Specifies the key name of the DDNS authentication key.
c3c8823fed039b3a2b8e5ca8bc2f3301d1dd840eMark Andrews The default is <code class="constant">ddns-key</code> when neither
c3c8823fed039b3a2b8e5ca8bc2f3301d1dd840eMark Andrews the <code class="option">-s</code> nor <code class="option">-z</code> option is
c3c8823fed039b3a2b8e5ca8bc2f3301d1dd840eMark Andrews specified; otherwise, the default
c3c8823fed039b3a2b8e5ca8bc2f3301d1dd840eMark Andrews is <code class="constant">ddns-key</code> as a separate label
c3c8823fed039b3a2b8e5ca8bc2f3301d1dd840eMark Andrews followed by the argument of the option, e.g.,
c3c8823fed039b3a2b8e5ca8bc2f3301d1dd840eMark Andrews <code class="constant">ddns-key.example.com.</code>
c3c8823fed039b3a2b8e5ca8bc2f3301d1dd840eMark Andrews The key name must have the format of a valid domain name,
c3c8823fed039b3a2b8e5ca8bc2f3301d1dd840eMark Andrews consisting of letters, digits, hyphens and periods.
c3c8823fed039b3a2b8e5ca8bc2f3301d1dd840eMark Andrews (<span><strong class="command">ddns-confgen</strong></span> only.) Quiet mode: Print
c3c8823fed039b3a2b8e5ca8bc2f3301d1dd840eMark Andrews only the key, with no explanatory text or usage examples;
c3c8823fed039b3a2b8e5ca8bc2f3301d1dd840eMark Andrews This is essentially identical to <span><strong class="command">tsig-keygen</strong></span>.
c3c8823fed039b3a2b8e5ca8bc2f3301d1dd840eMark Andrews<dt><span class="term">-r <em class="replaceable"><code>randomfile</code></em></span></dt>
c3c8823fed039b3a2b8e5ca8bc2f3301d1dd840eMark Andrews Specifies a source of random data for generating the
c3c8823fed039b3a2b8e5ca8bc2f3301d1dd840eMark Andrews authorization. If the operating system does not provide a
c3c8823fed039b3a2b8e5ca8bc2f3301d1dd840eMark Andrews <code class="filename">/dev/random</code> or equivalent device, the
c3c8823fed039b3a2b8e5ca8bc2f3301d1dd840eMark Andrews default source of randomness is keyboard input.
c3c8823fed039b3a2b8e5ca8bc2f3301d1dd840eMark Andrews <code class="filename">randomdev</code> specifies the name of a
c3c8823fed039b3a2b8e5ca8bc2f3301d1dd840eMark Andrews character device or file containing random data to be used
c3c8823fed039b3a2b8e5ca8bc2f3301d1dd840eMark Andrews instead of the default. The special value
c3c8823fed039b3a2b8e5ca8bc2f3301d1dd840eMark Andrews <code class="filename">keyboard</code> indicates that keyboard input
c3c8823fed039b3a2b8e5ca8bc2f3301d1dd840eMark Andrews should be used.
cc51cd2d2076e33117c60c9effcb8caccde4983bWitold Krecicki<dt><span class="term">-s <em class="replaceable"><code>name</code></em></span></dt>
45fd95544cd650a8e6a0fc39b656d1109b811ac0Evan Hunt (<span><strong class="command">ddns-confgen</strong></span> only.)
45fd95544cd650a8e6a0fc39b656d1109b811ac0Evan Hunt Generate configuration example to allow dynamic updates
cc51cd2d2076e33117c60c9effcb8caccde4983bWitold Krecicki of a single hostname. The example <span><strong class="command">named.conf</strong></span>
cc51cd2d2076e33117c60c9effcb8caccde4983bWitold Krecicki text shows how to set an update policy for the specified
cc51cd2d2076e33117c60c9effcb8caccde4983bWitold Krecicki <em class="replaceable"><code>name</code></em>
cc51cd2d2076e33117c60c9effcb8caccde4983bWitold Krecicki using the "name" nametype. The default key name is
cc51cd2d2076e33117c60c9effcb8caccde4983bWitold Krecicki ddns-key.<em class="replaceable"><code>name</code></em>.
cc51cd2d2076e33117c60c9effcb8caccde4983bWitold Krecicki Note that the "self" nametype cannot be used, since
cc51cd2d2076e33117c60c9effcb8caccde4983bWitold Krecicki the name to be updated may differ from the key name.
cc51cd2d2076e33117c60c9effcb8caccde4983bWitold Krecicki This option cannot be used with the <code class="option">-z</code> option.
cc51cd2d2076e33117c60c9effcb8caccde4983bWitold Krecicki<dt><span class="term">-z <em class="replaceable"><code>zone</code></em></span></dt>
c3c8823fed039b3a2b8e5ca8bc2f3301d1dd840eMark Andrews (<span><strong class="command">ddns-confgen</strong></span> only.)
c3c8823fed039b3a2b8e5ca8bc2f3301d1dd840eMark Andrews Generate configuration example to allow dynamic updates
c3c8823fed039b3a2b8e5ca8bc2f3301d1dd840eMark Andrews of a zone: The example <span><strong class="command">named.conf</strong></span> text
cc51cd2d2076e33117c60c9effcb8caccde4983bWitold Krecicki shows how to set an update policy for the specified
cc51cd2d2076e33117c60c9effcb8caccde4983bWitold Krecicki <em class="replaceable"><code>zone</code></em>
c3c8823fed039b3a2b8e5ca8bc2f3301d1dd840eMark Andrews using the "zonesub" nametype, allowing updates to
c3c8823fed039b3a2b8e5ca8bc2f3301d1dd840eMark Andrews all subdomain names within that
c3c8823fed039b3a2b8e5ca8bc2f3301d1dd840eMark Andrews <em class="replaceable"><code>zone</code></em>.
c3c8823fed039b3a2b8e5ca8bc2f3301d1dd840eMark Andrews This option cannot be used with the <code class="option">-s</code> option.
c3c8823fed039b3a2b8e5ca8bc2f3301d1dd840eMark Andrews<p><span class="citerefentry"><span class="refentrytitle">nsupdate</span>(1)</span>,
c3c8823fed039b3a2b8e5ca8bc2f3301d1dd840eMark Andrews <span class="citerefentry"><span class="refentrytitle">named.conf</span>(5)</span>,
c3c8823fed039b3a2b8e5ca8bc2f3301d1dd840eMark Andrews <span class="citerefentry"><span class="refentrytitle">named</span>(8)</span>,
c3c8823fed039b3a2b8e5ca8bc2f3301d1dd840eMark Andrews <em class="citetitle">BIND 9 Administrator Reference Manual</em>.
c3c8823fed039b3a2b8e5ca8bc2f3301d1dd840eMark Andrews<p><span class="corpauthor">Internet Systems Consortium</span>
c3c8823fed039b3a2b8e5ca8bc2f3301d1dd840eMark Andrews<table width="100%" summary="Navigation footer">
c3c8823fed039b3a2b8e5ca8bc2f3301d1dd840eMark Andrews<a accesskey="p" href="man.rndc-confgen.html">Prev</a>�</td>
c3c8823fed039b3a2b8e5ca8bc2f3301d1dd840eMark Andrews<td width="20%" align="center"><a accesskey="u" href="Bv9ARM.ch13.html">Up</a></td>
c3c8823fed039b3a2b8e5ca8bc2f3301d1dd840eMark Andrews<td width="40%" align="right">�<a accesskey="n" href="man.arpaname.html">Next</a>
c3c8823fed039b3a2b8e5ca8bc2f3301d1dd840eMark Andrews<span class="application">rndc-confgen</span>�</td>
c3c8823fed039b3a2b8e5ca8bc2f3301d1dd840eMark Andrews<td width="20%" align="center"><a accesskey="h" href="Bv9ARM.html">Home</a></td>
c3c8823fed039b3a2b8e5ca8bc2f3301d1dd840eMark Andrews<td width="40%" align="right" valign="top">�<span class="application">arpaname</span>
c3c8823fed039b3a2b8e5ca8bc2f3301d1dd840eMark Andrews<p style="text-align: center;">BIND 9.11.0pre-alpha</p>