man.ddns-confgen.html revision d9f0b06dc2bba47e3fe63afdf41c638d3517ceff
297be3708069ef31814d6d75c0d71a50a78feb03Mark Andrews - Copyright (C) 2004-2014 Internet Systems Consortium, Inc. ("ISC")
75c0816e8295e180f4bc7f10db3d0d880383bc1cMark Andrews - Copyright (C) 2000-2003 Internet Software Consortium.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein - Permission to use, copy, modify, and/or distribute this software for any
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein - purpose with or without fee is hereby granted, provided that the above
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein - copyright notice and this permission notice appear in all copies.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein - THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein - AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein - PERFORMANCE OF THIS SOFTWARE.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
e21a2904f02a03fa06b6db04d348f65fe9c67b2bMark Andrews<meta name="generator" content="DocBook XSL Stylesheets V1.71.1">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<link rel="start" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<link rel="up" href="Bv9ARM.ch10.html" title="Manual pages">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<link rel="prev" href="man.rndc-confgen.html" title="rndc-confgen">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<link rel="next" href="man.arpaname.html" title="arpaname">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<tr><th colspan="3" align="center"><span class="application">ddns-confgen</span></th></tr>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<a accesskey="p" href="man.rndc-confgen.html">Prev</a>�</td>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<td width="20%" align="right">�<a accesskey="n" href="man.arpaname.html">Next</a>
ab8729140b1ad688ab03e1e9ce438fb1cbb49222Automatic Updater<a name="man.ddns-confgen"></a><div class="titlepage"></div>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<p><span class="application">ddns-confgen</span> — ddns key generation tool</p>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<div class="cmdsynopsis"><p><code class="command">tsig-keygen</code> [<code class="option">-a <em class="replaceable"><code>algorithm</code></em></code>] [<code class="option">-h</code>] [<code class="option">-r <em class="replaceable"><code>randomfile</code></em></code>] [name]</p></div>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<div class="cmdsynopsis"><p><code class="command">ddns-confgen</code> [<code class="option">-a <em class="replaceable"><code>algorithm</code></em></code>] [<code class="option">-h</code>] [<code class="option">-k <em class="replaceable"><code>keyname</code></em></code>] [<code class="option">-q</code>] [<code class="option">-r <em class="replaceable"><code>randomfile</code></em></code>] [ -s <em class="replaceable"><code>name</code></em> | -z <em class="replaceable"><code>zone</code></em> ]</p></div>
ab8729140b1ad688ab03e1e9ce438fb1cbb49222Automatic Updater<a name="id2662782"></a><h2>DESCRIPTION</h2>
ab8729140b1ad688ab03e1e9ce438fb1cbb49222Automatic Updater <span><strong class="command">tsig-keygen</strong></span> and <span><strong class="command">ddns-confgen</strong></span>
ab8729140b1ad688ab03e1e9ce438fb1cbb49222Automatic Updater are invocation methods for a utility that generates keys for use
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein in TSIG signing. The resulting keys can be used, for example,
ab8729140b1ad688ab03e1e9ce438fb1cbb49222Automatic Updater to secure dynamic DNS updates to a zone or for the
ab8729140b1ad688ab03e1e9ce438fb1cbb49222Automatic Updater <span><strong class="command">rndc</strong></span> command channel.
ab8729140b1ad688ab03e1e9ce438fb1cbb49222Automatic Updater When run as <span><strong class="command">tsig-keygen</strong></span>, a domain name
ab8729140b1ad688ab03e1e9ce438fb1cbb49222Automatic Updater can be specified on the command line which will be used as
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein the name of the generated key. If no name is specified,
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein the default is <code class="constant">tsig-key</code>.
ab8729140b1ad688ab03e1e9ce438fb1cbb49222Automatic Updater When run as <span><strong class="command">ddns-confgen</strong></span>, the generated
ab8729140b1ad688ab03e1e9ce438fb1cbb49222Automatic Updater key is accompanied by configuration text and instructions
ab8729140b1ad688ab03e1e9ce438fb1cbb49222Automatic Updater that can be used with <span><strong class="command">nsupdate</strong></span> and
ab8729140b1ad688ab03e1e9ce438fb1cbb49222Automatic Updater <span><strong class="command">named</strong></span> when setting up dynamic DNS,
ab8729140b1ad688ab03e1e9ce438fb1cbb49222Automatic Updater including an example <span><strong class="command">update-policy</strong></span>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein statement. (This usage similar to the
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein <span><strong class="command">rndc-confgen</strong></span> command for setting
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein up command channel security.)
ab8729140b1ad688ab03e1e9ce438fb1cbb49222Automatic Updater Note that <span><strong class="command">named</strong></span> itself can configure a
ab8729140b1ad688ab03e1e9ce438fb1cbb49222Automatic Updater local DDNS key for use with <span><strong class="command">nsupdate -l</strong></span>:
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein it does this when a zone is configured with
ab8729140b1ad688ab03e1e9ce438fb1cbb49222Automatic Updater <span><strong class="command">update-policy local;</strong></span>.
ab8729140b1ad688ab03e1e9ce438fb1cbb49222Automatic Updater <span><strong class="command">ddns-confgen</strong></span> is only needed when a
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein more elaborate configuration is required: for instance,
ab8729140b1ad688ab03e1e9ce438fb1cbb49222Automatic Updater if <span><strong class="command">nsupdate</strong></span> is to be used from a remote
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<dt><span class="term">-a <em class="replaceable"><code>algorithm</code></em></span></dt>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein Specifies the algorithm to use for the TSIG key. Available
ab8729140b1ad688ab03e1e9ce438fb1cbb49222Automatic Updater choices are: hmac-md5, hmac-sha1, hmac-sha224, hmac-sha256,
ab8729140b1ad688ab03e1e9ce438fb1cbb49222Automatic Updater hmac-sha384 and hmac-sha512. The default is hmac-sha256.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein Options are case-insensitive, and the "hmac-" prefix
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein may be omitted.
ab8729140b1ad688ab03e1e9ce438fb1cbb49222Automatic Updater Prints a short summary of options and arguments.
ab8729140b1ad688ab03e1e9ce438fb1cbb49222Automatic Updater<dt><span class="term">-k <em class="replaceable"><code>keyname</code></em></span></dt>
ab8729140b1ad688ab03e1e9ce438fb1cbb49222Automatic Updater Specifies the key name of the DDNS authentication key.
ab8729140b1ad688ab03e1e9ce438fb1cbb49222Automatic Updater The default is <code class="constant">ddns-key</code> when neither
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein the <code class="option">-s</code> nor <code class="option">-z</code> option is
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein specified; otherwise, the default
ab8729140b1ad688ab03e1e9ce438fb1cbb49222Automatic Updater is <code class="constant">ddns-key</code> as a separate label
28b3569d6248168e6c00caab951521cc8141a49dAutomatic Updater followed by the argument of the option, e.g.,
28b3569d6248168e6c00caab951521cc8141a49dAutomatic Updater <code class="constant">ddns-key.example.com.</code>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein The key name must have the format of a valid domain name,
28b3569d6248168e6c00caab951521cc8141a49dAutomatic Updater consisting of letters, digits, hyphens and periods.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein (<span><strong class="command">ddns-confgen</strong></span> only.) Quiet mode: Print
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein only the key, with no explanatory text or usage examples;
71c66a876ecca77923638d3f94cc0783152b2f03Mark Andrews This is essentially identical to <span><strong class="command">tsig-keygen</strong></span>.
28b3569d6248168e6c00caab951521cc8141a49dAutomatic Updater<dt><span class="term">-r <em class="replaceable"><code>randomfile</code></em></span></dt>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein Specifies a source of random data for generating the
71c66a876ecca77923638d3f94cc0783152b2f03Mark Andrews authorization. If the operating system does not provide a
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein <code class="filename">/dev/random</code> or equivalent device, the
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein default source of randomness is keyboard input.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein <code class="filename">randomdev</code> specifies the name of a
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein character device or file containing random data to be used
28b3569d6248168e6c00caab951521cc8141a49dAutomatic Updater instead of the default. The special value
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein <code class="filename">keyboard</code> indicates that keyboard input
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein should be used.
28b3569d6248168e6c00caab951521cc8141a49dAutomatic Updater<dt><span class="term">-s <em class="replaceable"><code>name</code></em></span></dt>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein (<span><strong class="command">ddns-confgen</strong></span> only.)
28b3569d6248168e6c00caab951521cc8141a49dAutomatic Updater Generate configuration example to allow dynamic updates
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein of a single hostname. The example <span><strong class="command">named.conf</strong></span>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein text shows how to set an update policy for the specified
28b3569d6248168e6c00caab951521cc8141a49dAutomatic Updater <em class="replaceable"><code>name</code></em>
28b3569d6248168e6c00caab951521cc8141a49dAutomatic Updater using the "name" nametype. The default key name is
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein ddns-key.<em class="replaceable"><code>name</code></em>.
28b3569d6248168e6c00caab951521cc8141a49dAutomatic Updater Note that the "self" nametype cannot be used, since
28b3569d6248168e6c00caab951521cc8141a49dAutomatic Updater the name to be updated may differ from the key name.
28b3569d6248168e6c00caab951521cc8141a49dAutomatic Updater This option cannot be used with the <code class="option">-z</code> option.
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<dt><span class="term">-z <em class="replaceable"><code>zone</code></em></span></dt>
28b3569d6248168e6c00caab951521cc8141a49dAutomatic Updater (<span><strong class="command">ddns-confgen</strong></span> only.)
28b3569d6248168e6c00caab951521cc8141a49dAutomatic Updater Generate configuration example to allow dynamic updates
28b3569d6248168e6c00caab951521cc8141a49dAutomatic Updater of a zone: The example <span><strong class="command">named.conf</strong></span> text
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein shows how to set an update policy for the specified
28b3569d6248168e6c00caab951521cc8141a49dAutomatic Updater <em class="replaceable"><code>zone</code></em>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein using the "zonesub" nametype, allowing updates to
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein all subdomain names within that
28b3569d6248168e6c00caab951521cc8141a49dAutomatic Updater <em class="replaceable"><code>zone</code></em>.
28b3569d6248168e6c00caab951521cc8141a49dAutomatic Updater This option cannot be used with the <code class="option">-s</code> option.
28b3569d6248168e6c00caab951521cc8141a49dAutomatic Updater<p><span class="citerefentry"><span class="refentrytitle">nsupdate</span>(1)</span>,
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein <span class="citerefentry"><span class="refentrytitle">named.conf</span>(5)</span>,
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein <span class="citerefentry"><span class="refentrytitle">named</span>(8)</span>,
28b3569d6248168e6c00caab951521cc8141a49dAutomatic Updater <em class="citetitle">BIND 9 Administrator Reference Manual</em>.
28b3569d6248168e6c00caab951521cc8141a49dAutomatic Updater<p><span class="corpauthor">Internet Systems Consortium</span>
28b3569d6248168e6c00caab951521cc8141a49dAutomatic Updater<table width="100%" summary="Navigation footer">
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<a accesskey="p" href="man.rndc-confgen.html">Prev</a>�</td>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<td width="20%" align="center"><a accesskey="u" href="Bv9ARM.ch10.html">Up</a></td>
71c66a876ecca77923638d3f94cc0783152b2f03Mark Andrews<td width="40%" align="right">�<a accesskey="n" href="man.arpaname.html">Next</a>
28b3569d6248168e6c00caab951521cc8141a49dAutomatic Updater<span class="application">rndc-confgen</span>�</td>
28b3569d6248168e6c00caab951521cc8141a49dAutomatic Updater<td width="20%" align="center"><a accesskey="h" href="Bv9ARM.html">Home</a></td>
60e5e10f8d2e2b0c41e8abad38cacd867caa6ab2Rob Austein<td width="40%" align="right" valign="top">�<span class="application">arpaname</span>